Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: ClamAv antivirus weird results???
« previous next »
Pages: [1]   Go Down

ClamAv antivirus weird results???

  • 4 Replies
  • 551 Views

Greg

ClamAv antivirus weird results???
« on: January 07, 2003, 05:12:20 PM »
I have installed the latest ClamAv and this is the results of a scan.

Info generated from scan......

Scan date Tue Jan 7 18:19:26 WST 2003
/home/e-smith/files/ibays//sme_updates/files/add_ons/HBDev Antivirus/avlxsrv.tgz: Hydra FOUND
/home/e-smith/files/ibays//sme_updates/files/add_ons/HBDev Antivirus/avlxsrv.tgz: Quarantined.
/home/e-smith/files/ibays//sme_updates/files/add_ons/HBDev Antivirus/antivir-server-2.0.6/bin/antivir: Hydra FOUND
/home/e-smith/files/ibays//sme_updates/files/add_ons/HBDev Antivirus/antivir-server-2.0.6/bin/antivir: Quarantined.
/home/e-smith/files/ibays//sme_updates/files/add_ons/HBDev Antivirus/antivir-server-2.0.6/bin/antivir-fc: Hydra FOUND
/home/e-smith/files/ibays//sme_updates/files/add_ons/HBDev Antivirus/antivir-server-2.0.6/bin/antivir-fc: Quarantined.

We followed the Clam Av scan with a backup of SME to desktop and we scanned the .tgz file for viruses as I assume the backup takes all the mail as well. We found many more viruses in the .tgz file (about 20) which Nortons antivirus detected. There was Bugbear, Hybrid etc all destroyed in this file? Should the Clam Av detect this on the server prior to a backup to destop being done? I think all these viruses are in uncollected mail accounts.

Any Ideas??/

TIA Greg
Logged

Jan

Re: ClamAv antivirus weird results???
« Reply #1 on: January 07, 2003, 07:39:30 PM »
Have you updated the virus db after you installed clamav? You can do that manually by entering command ' freshclam' (without the ' ' ). New virusses should be detected and I believe, if you installed evereything right, it should scan all already received mail somewhere within the next 24 hours. If not, check the forum for info on how to add these two functions (update and regular scanning of user maps).

regards,

Jan
Logged

Jan

Re: ClamAv antivirus weird results???
« Reply #2 on: January 07, 2003, 07:39:33 PM »
Have you updated the virus db after you installed clamav? You can do that manually by entering command ' freshclam' (without the ' ' ). New virusses should be detected and I believe, if you installed evereything right, it should scan all already received mail somewhere within the next 24 hours. If not, check the forum for info on how to add these two functions (update and regular scanning of user maps).

regards,

Jan
Logged

Jan

Re: ClamAv antivirus weird results???
« Reply #3 on: January 07, 2003, 07:41:39 PM »
Sorrt again I pressed submit twice.... duh!

I see you probably don't use clam but are trying to use HBdev? That is a different virusscanner so maybe you made a mistake in the config file?

regards,

Jan
Logged

Craig Foster

Re: ClamAv antivirus weird results???
« Reply #4 on: January 14, 2003, 07:30:22 PM »
Looks more like ClamAV has detected the virus signatures in HBDev Antivirus.

Happened to me with an InnoculateIT CD image

Craig F.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: ClamAv antivirus weird results???