/mnt/secondary/var/spool/squid3/00/0D/00000DC9: Trojan.Patched-247 FOUND downloaded from.. http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/11154683.cab Resolving www.download.windowsupdate.com... 8.27.241.126, 8.27.242.126, 8.254.9.254
A manual scan of the file shows this deviant:/home/devadmin# wget http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/11154683.cab --2012-06-11 12:10:44-- http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/11154683.cab Resolving www.download.windowsupdate.com... 8.27.241.126, 8.27.242.126, 8.254.9.254 Connecting to www.download.windowsupdate.com|8.27.241.126|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 8167633 (7.8M) [application/octet-stream] Saving to: “11154683.cab” 100%[===================================================================================================================>] 8,167,633 340K/s in 23s 2012-06-11 12:11:08 (343 KB/s) - “11154683.cab” saved [8167633/8167633] deviant:/home/devadmin# clamscan -i 11154683.cab 11154683.cab: Trojan.Patched-247 FOUND ----------- SCAN SUMMARY ----------- Known viruses: 1256227 Engine version: 0.97.3 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 22.68 MB Data read: 7.79 MB (ratio 2.91:1) Time: 37.485 sec (0 m 37 s) _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
