Re: [Clamav-users] Virus not detected on Linux/MacOSX

Fri, 19 Sep 2008 00:00:38 -0700 

On 2008-09-19 02:54, Alexandre Biancalana wrote:
> Hi list,
>
>  I'm experiencing a very strange situation and need some help. I have
> some files infected by W32.Parite.B in my linux file server, but the
> clamav on the file server does not detect the virus, so I copied the
> file to my OS X 10, run clamav and the virus was not detected too. I
> was perplex and copied the file to a FreeBSD machine an running clamav
> from there the virus was detected !
>
> Follow the versions of the clamav and operating systems:
>
> ============================================
>  My FileServer (with recently compiled clamav, tested with rpm from
> centos repository with the same result! )
>
> # uname -a; openssl md5 file.exe; ./clamscan/.libs/clamscan --version;
> ./clamscan/.libs/clamscan file.exe
> Linux Wally 2.6.18-53.1.6.el5 #1 SMP Wed Jan 23 11:28:47 EST 2008
> x86_64 x86_64 x86_64 GNU/Linux
> MD5(file.exe)= e7e7dc7981a4089cdcb42d32247dc6e0
> ClamAV 0.94/8284/Thu Sep 18 18:54:57 2008
> file.exe: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 428321
> Engine version: 0.94
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.00 MB
> Time: 0.869 sec (0 m 0 s)
>
>
> ============================================
>  My Workstation (with clamav installed from macports)
>
> $ uname -a; md5 file.exe; clamscan --version; clamscan file.exe
> Darwin alebook.local 9.5.0 Darwin Kernel Version 9.5.0: Wed Sep  3
> 11:29:43 PDT 2008; root:xnu-1228.7.58~1/RELEASE_I386 i386
> MD5 (file.exe) = e7e7dc7981a4089cdcb42d32247dc6e0
> ClamAV 0.94/8284/Thu Sep 18 18:54:57 2008
> file.exe: OK
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 428321
> Engine version: 0.94
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.00 MB
> Time: 1.821 sec (0 m 1 s)
>
>
> ============================================
>  My FreeBSD MailServer (with old clamav version from ports)
>
> $ uname -a; md5 file.exe; clamscan --version; clamscan file.exe
> FreeBSD Juggernaut 6.2-STABLE FreeBSD 6.2-STABLE #0: Tue Oct  9
> 11:59:17 BRT 2007
> [EMAIL PROTECTED]:/usr/src/sys/i386/compile/Juggernaut  i386
> MD5 (file.exe) = e7e7dc7981a4089cdcb42d32247dc6e0
> ClamAV 0.91.2/8283/Thu Sep 18 17:22:43 2008
>   

This is a different ClamAV engine version!
Please open a bugreport, and attach the sample.

Best regards,
--Edwin
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Reply via email to