Hi Peter, Given the name of that virus, I would guess that your hosting provider is using some extra virus definitions that aren’t part of the standard ClamAV distribution. It doesn’t have to do with the engine in this case.
You should get in touch with them about that. Maarten Broekman Sent from a tiny keyboard > On Mar 29, 2018, at 06:49, Peter Folk <peter.fol...@gmail.com> wrote: > > Hello, > > running into a weird issue here... our web host has run a clamav scan on > our VPS server, and found 1 infected PHP file, infected with > SL-PHP-BACKDOOR-GENERIC. > > The clamav engine version used in the scan done by the web host was: > devel-clamav-0.99-beta1-632-g8a582c7 (that's what the log file says) > > Now, I can't find that engine version anywhere on the web. > > But, we installed the latest, stable clamav 0.9.4 on the CentOS hosting > box, updated definitions to latest via freshclam (it says Engine version: > 0.99.4) and ran a clamav scan on the exact same files as our web host did. > > clamscan does NOT find any infected files. > > Can anybody explain why these definitions/engine versions are different. > and why does devel-clamav engine find infected files and latest clamav > engine does not.... ? > > most importantly: how can I install and use the devel-clamav engine ?? > > Thanks. > > Peter > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
