Hi list, I'm experiencing a very strange situation and need some help. I have some files infected by W32.Parite.B in my linux file server, but the clamav on the file server does not detect the virus, so I copied the file to my OS X 10, run clamav and the virus was not detected too. I was perplex and copied the file to a FreeBSD machine an running clamav from there the virus was detected !
Follow the versions of the clamav and operating systems: ============================================ My FileServer (with recently compiled clamav, tested with rpm from centos repository with the same result! ) # uname -a; openssl md5 file.exe; ./clamscan/.libs/clamscan --version; ./clamscan/.libs/clamscan file.exe Linux Wally 2.6.18-53.1.6.el5 #1 SMP Wed Jan 23 11:28:47 EST 2008 x86_64 x86_64 x86_64 GNU/Linux MD5(file.exe)= e7e7dc7981a4089cdcb42d32247dc6e0 ClamAV 0.94/8284/Thu Sep 18 18:54:57 2008 file.exe: OK ----------- SCAN SUMMARY ----------- Known viruses: 428321 Engine version: 0.94 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.00 MB Time: 0.869 sec (0 m 0 s) ============================================ My Workstation (with clamav installed from macports) $ uname -a; md5 file.exe; clamscan --version; clamscan file.exe Darwin alebook.local 9.5.0 Darwin Kernel Version 9.5.0: Wed Sep 3 11:29:43 PDT 2008; root:xnu-1228.7.58~1/RELEASE_I386 i386 MD5 (file.exe) = e7e7dc7981a4089cdcb42d32247dc6e0 ClamAV 0.94/8284/Thu Sep 18 18:54:57 2008 file.exe: OK ----------- SCAN SUMMARY ----------- Known viruses: 428321 Engine version: 0.94 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.00 MB Time: 1.821 sec (0 m 1 s) ============================================ My FreeBSD MailServer (with old clamav version from ports) $ uname -a; md5 file.exe; clamscan --version; clamscan file.exe FreeBSD Juggernaut 6.2-STABLE FreeBSD 6.2-STABLE #0: Tue Oct 9 11:59:17 BRT 2007 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/Juggernaut i386 MD5 (file.exe) = e7e7dc7981a4089cdcb42d32247dc6e0 ClamAV 0.91.2/8283/Thu Sep 18 17:22:43 2008 LibClamAV Warning: *********************************************************** LibClamAV Warning: *** This version of the ClamAV engine is outdated. *** LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq *** LibClamAV Warning: *********************************************************** LibClamAV Warning: *********************************************************** LibClamAV Warning: *** This version of the ClamAV engine is outdated. *** LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq *** LibClamAV Warning: *********************************************************** file.exe: W32.Parite.B FOUND ----------- SCAN SUMMARY ----------- Known viruses: 427968 Engine version: 0.91.2 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 49.38 MB Time: 44.648 sec (0 m 44 s) Can someone explain this ? Regards, _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
