My definitions are up to date as far as I am aware, I have it set as a cron job so it updates daily:
deviant:/home/devadmin# freshclam ClamAV update process started at Mon Jun 11 14:38:20 2012 main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) daily.cld is up to date (version: 15031, sigs: 217573, f-level: 63, builder: neo) bytecode.cld is up to date (version: 185, sigs: 39, f-level: 63, builder: neo) And still shows file is infected. deviant:/home/devadmin# clamscan -i 11154683.cab ----------- SCAN SUMMARY ----------- Known viruses: 1256678 Engine version: 0.97.3 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 31.22 MB Data read: 7.79 MB (ratio 4.01:1) Time: 48.822 sec (0 m 48 s) ============================================================================================= On Mon, 11 Jun 2012 16:56:46 -0400 Alain Zidouemba <azidoue...@sourcefire.com> wrote: > Please update your signatures. This FP has been taken care of. > > Thanks, > > - Alain > > On Mon, Jun 11, 2012 at 4:50 PM, bnichols <mrnicho...@gmail.com> > wrote: > > > /mnt/secondary/var/spool/squid3/00/0D/00000DC9: Trojan.Patched-247 > > FOUND downloaded from.. > > > > http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/11154683.cab > > Resolving www.download.windowsupdate.com... 8.27.241.126, > > 8.27.242.126, 8.254.9.254 > > > > A manual scan of the file shows this > > > > deviant:/home/devadmin# wget > > http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/11154683.cab > > --2012-06-11 12:10:44-- > > http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/11154683.cab > > Resolving www.download.windowsupdate.com... 8.27.241.126, > > 8.27.242.126, 8.254.9.254 > > Connecting to www.download.windowsupdate.com|8.27.241.126|:80... > > connected. > > HTTP request sent, awaiting response... 200 OK > > Length: 8167633 (7.8M) [application/octet-stream] > > Saving to: “11154683.cab” > > > > 100%[===================================================================================================================>] > > 8,167,633 340K/s in 23s > > > > 2012-06-11 12:11:08 (343 KB/s) - “11154683.cab” saved > > [8167633/8167633] > > > > deviant:/home/devadmin# clamscan -i 11154683.cab > > 11154683.cab: Trojan.Patched-247 FOUND > > > > ----------- SCAN SUMMARY ----------- > > Known viruses: 1256227 > > Engine version: 0.97.3 > > Scanned directories: 0 > > Scanned files: 1 > > Infected files: 1 > > Data scanned: 22.68 MB > > Data read: 7.79 MB (ratio 2.91:1) > > Time: 37.485 sec (0 m 37 s) > > > > > > _______________________________________________ > > Help us build a comprehensive ClamAV guide: visit > > http://wiki.clamav.net http://www.clamav.net/support/ml > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit > http://wiki.clamav.net http://www.clamav.net/support/ml _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
