I'm sorry to be late with the reply. On Sat, Sep 2, 2023 at 6:02 PM Matus UHLAR - fantomas <[email protected]> wrote: > > On 02.09.23 17:04, Victor Sizov via clamav-users wrote: > >Perhaps my Ubuntu computer is infected with a virus that redirects > >html requests to "iyfbodn.com". To test it, I installed clamav (sudo > >apt install clamav clamav-daemon). When I updated it (sudo freshclam) > >I got the message: > > > >... > >Sat Sep 2 10:13:18 2023 -> DON'T PANIC! Read > >https://docs.clamav.net/manual/Installing.html > >Sat Sep 2 10:13:18 2023 -> ^FreshClam previously received error code > >429 or 403 from the ClamAV Content Delivery Network (CDN). > >Sat Sep 2 10:13:18 2023 -> This means that you have been rate limited > >or blocked by the CDN. > >Sat Sep 2 10:13:18 2023 -> 1. Verify that you're running a supported > >ClamAV version. > >Sat Sep 2 10:13:18 2023 -> See > >https://docs.clamav.net/faq/faq-eol.html for details. >
> Which clamav version do you have? versions older than 0.103 are not > supported. I have 0.103.9 version. > > > >... > > I launched > >curl -IL docs.clamav.net > >and received: > > > >HTTP/1.1 403 Forbidden > >Date: Sat, 02 Sep 2023 07:19:15 GMT > >Content-Type: text/html; charset=UTF-8 > >Connection: keep-alive > >X-Frame-Options: SAMEORIGIN > >Referrer-Policy: same-origin > >Cache-Control: max-age=15 > >Expires: Sat, 02 Sep 2023 07:19:30 GMT > >Set-Cookie: > >__cf_bm=1MZmm2EcWi6S8fOiuha9zoaXngA5e44ph5LO2aXJchA-1693639155-0-AS7aYuYw1QJSTpioxNW76blxkMJKz2kTfvsaiUlH/kP9Z0sLbeMcLKgyf42ANBRqndUJQx > >2dXrePUzX9Aj+RnvA=; path=/; expires=Sat, 02-Sep-23 07:49:15 GMT; > >domain=.clamav.net; HttpOnly; SameSite=None > >X-Content-Type-Options: nosniff > >Server: cloudflare > >CF-RAY: 8003fbd3bbe89d6d-DME > > ! > >When I open https://docs.clamav.net in a browser, I get a message ! > >about blocking in cloudflare: ! > > ! > >Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250 > > > >1) How I can resolve this to get last clamav updates? > > clamav web and virus DB are protected from automated fetching. You need > browser or freshclam new enough. Is freshclam 0.103.9 new enough? I cannot use my brouser (Firefox 117 64 bit) because cloudflare blocks my access to clamav.net. > > > >2) Could you advise me how to make sure the presence/absence of a > >redirect to "iyfbodn.com"? > > sorry, looks like a real virus targetting browsers. > Can you try searching from other computer? Yes, i tried installing clamav on another computer in my local network and got the same errors when running freshclam and clamscan. freshcalm error: sizov@ironUbuntu:~$ sudo freshclam Sun Sep 3 22:20:23 2023 -> ClamAV update process started at Sun Sep 3 22:20:23 2023 Sun Sep 3 22:20:23 2023 -> ^Your ClamAV installation is OUTDATED! Sun Sep 3 22:20:23 2023 -> ^Local version: 0.103.9 Recommended version: 0.103.10 Sun Sep 3 22:20:23 2023 -> DON'T PANIC! Read https://docs.clamav.net/manual/Installing.html Sun Sep 3 22:20:23 2023 -> ^FreshClam previously received error code 429 or 403 from the ClamAV Content Delivery Network (CDN). Sun Sep 3 22:20:23 2023 -> This means that you have been rate limited or blocked by the CDN. Sun Sep 3 22:20:23 2023 -> 1. Verify that you're running a supported ClamAV version. Sun Sep 3 22:20:23 2023 -> See https://docs.clamav.net/faq/faq-eol.html for details. Sun Sep 3 22:20:23 2023 -> 2. Run FreshClam no more than once an hour to check for updates. Sun Sep 3 22:20:23 2023 -> FreshClam should check DNS first to see if an update is needed. Sun Sep 3 22:20:23 2023 -> 3. If you have more than 10 hosts on your network attempting to download, Sun Sep 3 22:20:23 2023 -> it is recommended that you set up a private mirror on your network using Sun Sep 3 22:20:23 2023 -> cvdupdate (https://pypi.org/project/cvdupdate/) to save bandwidth on the Sun Sep 3 22:20:23 2023 -> CDN and your own network. Sun Sep 3 22:20:23 2023 -> 4. Please do not open a ticket asking for an exemption from the rate limit, Sun Sep 3 22:20:23 2023 -> it will not be granted. Sun Sep 3 22:20:23 2023 -> ^You are still on cool-down until after: 2023-09-03 23:22:34 s calscan error: sizov@ironUbuntu:~$ sudo clamscan . LibClamAV Error: cli_loaddbdir(): No supported database files found in /var/lib/clamav ERROR: Can't open file or directory ----------- SCAN SUMMARY ----------- Known viruses: 0 Engine version: 0.103.9 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 0.005 sec (0 m 0 s) Start Date: 2023:09:03 22:02:04 End Date: 2023:09:03 22:02:04 Also, I can't access to clamav .net from any computer on my local network because claudflare blocks me. I have access to it from a smartphone only, it is on another network. > -- > Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > REALITY.SYS corrupted. Press any key to reboot Universe. > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat with regards, Victor Sizov _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
