Sanesecurity
Sanesecurity
Describe the bug ---------------- Debug Log shows... ``` LibClamAV debug: iso_parse_dir: File 'SWIFT_95.EXE': off 1b7 - size 4feae - flags 0 - unit size 0 - gap size 0 -...
Describe the bug ---------------- This may be connected to bug 1109 (which decodes urls fine now) I've attached a pdf, which is a phishing attempt and has a couple of...
Tested with... Clamscan 64 bit v1.0.1 clamscan --database=foxhole_filename.cdb v:\infected --remove Loading: 0s, ETA: 0s [========================>] 3.28K/3.28K sigs Compiling: 0s, ETA: 0s [========================>] 10/10 tasks \\?\UNC\email\c$\infected\I01d6333fcd4805cf.DAT: Sanesecurity.Foxhole.Rar_fs2670.UNOFFICIAL FOUND win32_openat: Failed to...
Describe the bug ---------------- Created a simple cdb signature to test exe blocking in LZH: ``` test:CL_TYPE_LHA_LZH:*:(?i)\.exe$:*:*:*:*:*:* ``` Seems to work fine with the LZHs I've tested, however, the attached...
Run Command Prompt as Administrator and execute the following command: reg add "HKLM\Software\Policies\Microsoft\Dsh" /v "AllowNewsAndInterests" /t REG_DWORD /d "0" /f You can also use Group Policy Editor on non-Home editions...
Low priority I've only just spotted this oddity and easy to work around... Scanning a file with --debug gives you a CDBNAME, for example: LibClamAV debug: CDBNAMECL_TYPE_LHA_LZH:456899:Swift Copy.exe:456899:488448:0:1:3190126450 Test.cdb sig:...