[clamav-users] daily sig 22066 and kaspersky site Html.Exploit.CVE_2016_3326-3

ancien compte kiborg75012 at gmail.com
Thu Aug 11 04:18:31 EDT 2016


I forgot :)

wget -qO- http://www.kaspersky.fr/internet-security/  | clamscan -
stdin: Html.Exploit.CVE_2016_3326-3 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 7809215
Engine version: 0.99.2
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.09 MB
Data read: 0.11 MB (ratio 0.81:1)
Time: 47.320 sec (0 m 47 s)

Best Regards

2016-08-11 10:12 UTC+02:00, ancien compte <kiborg75012 at gmail.com>:
> hi,
>
> from every link inside "particular's links"
>
> http://www.kaspersky.fr/internet-security
> http://www.kaspersky.fr/total-security-multi-device
> http://www.kaspersky.fr/multi-device-security
>
> Virus name: Html.Exploit.CVE_2016_3326-3
>
> May we trust it in /var/lib/clamav/sigwhitelist.ign2?
>
> squid+c-icap+squidclamav
>
> - windows 10 family up to date => Microsoft Windows [version 10.0.14393]
> - clamav-unofficial-sigs 3.7.2-2
> - squidclamav 6.15 from squid c-icap <= module clamd <= ClamAV 0.99.2/22065/Thu
> ----------- SCAN SUMMARY -----------
> Known viruses: 7808960
> Engine version: 0.99.2
>
>
> Thu Aug 11 05:07:36 2016 -> Querying
> safebrowsing.44909.82.1.0.B2216984.ping.clamav.net
> Thu Aug 11 06:07:49 2016 -> Querying current.cvd.clamav.net
> Thu Aug 11 06:07:53 2016 -> Querying
> daily.22065.82.1.0.C39A07B0.ping.clamav.net
> Thu Aug 11 07:08:07 2016 -> Querying current.cvd.clamav.net
> Thu Aug 11 08:08:08 2016 -> Querying current.cvd.clamav.net
> Thu Aug 11 09:08:08 2016 -> Querying current.cvd.clamav.net
>
> LibClamAV debug: /var/lib/clamav/sigwhitelist.ign2 loaded
> LibClamAV debug: daily.info loaded
> LibClamAV debug: daily.cfg loaded
> LibClamAV debug: daily.ign loaded
> LibClamAV debug: daily.ign2 loaded
> LibClamAV debug: daily.ftm loaded
> LibClamAV debug: daily.hdb loaded
> LibClamAV debug: daily.hsb loaded
> LibClamAV debug: daily.mdb loaded
> LibClamAV debug: daily.msb loaded
> LibClamAV debug: daily.ndb loaded
> LibClamAV debug: daily.ldb loaded
> LibClamAV debug: daily.idb loaded
> LibClamAV debug: daily.fp loaded
> LibClamAV debug: daily.sfp loaded
> LibClamAV debug: daily.pdb loaded
> LibClamAV debug: daily.wdb loaded
> LibClamAV debug: daily.crb loaded
> LibClamAV debug: daily.cdb loaded
> LibClamAV debug: /var/lib/clamav/daily.cld loaded
> LibClamAV debug: /var/lib/clamav/sanesecurity.ftm loaded
> LibClamAV debug: /var/lib/clamav/blurl.ndb loaded
> LibClamAV debug: main.info loaded
> LibClamAV debug: main.hdb loaded
> LibClamAV debug: main.hsb loaded
> LibClamAV debug: main.mdb loaded
> LibClamAV debug: main.msb loaded
> LibClamAV debug: main.ndb loaded
> LibClamAV debug: main.fp loaded
> LibClamAV debug: main.sfp loaded
> LibClamAV debug: main.crb loaded
> LibClamAV debug: /var/lib/clamav/main.cvd loaded
> LibClamAV debug: bytecode.info loaded
> LibClamAV debug: /var/lib/clamav/bytecode.cvd loaded
> LibClamAV debug: /var/lib/clamav/junk.ndb loaded
> LibClamAV debug: /var/lib/clamav/jurlbl.ndb loaded
> LibClamAV debug: /var/lib/clamav/phish.ndb loaded
> LibClamAV debug: /var/lib/clamav/rogue.hdb loaded
> LibClamAV debug: /var/lib/clamav/spamattach.hdb loaded
> LibClamAV debug: /var/lib/clamav/scam.ndb loaded
> LibClamAV debug: /var/lib/clamav/winnow.attachments.hdb loaded
> LibClamAV debug: /var/lib/clamav/spamimg.hdb loaded
> LibClamAV debug: /var/lib/clamav/winnow_extended_malware.hdb loaded
> LibClamAV debug: /var/lib/clamav/winnow_bad_cw.hdb loaded
> LibClamAV debug: /var/lib/clamav/winnow_malware_links.ndb loaded
> LibClamAV debug: /var/lib/clamav/winnow_malware.hdb loaded
> LibClamAV debug: /var/lib/clamav/bofhland_cracked_URL.ndb loaded
> LibClamAV debug: /var/lib/clamav/doppelstern.hdb loaded
> LibClamAV debug: safebrowsing.info loaded
> LibClamAV debug: safebrowsing.gdb loaded
> LibClamAV debug: /var/lib/clamav/safebrowsing.cvd loaded
> LibClamAV debug: /var/lib/clamav/bofhland_malware_attach.hdb loaded
> LibClamAV debug: /var/lib/clamav/bofhland_malware_URL.ndb loaded
> LibClamAV debug: /var/lib/clamav/bofhland_phishing_URL.ndb loaded
> LibClamAV debug: /var/lib/clamav/crdfam.clamav.hdb loaded
> LibClamAV debug: /var/lib/clamav/phishtank.ndb loaded
> LibClamAV debug: /var/lib/clamav/porcupine.ndb loaded
>
> Jul 26 2013 doppelstern.hdb
> Mar 9 09:56 sanesecurity.ftm
> Jun 21 09:54 spamattach.hdb
> Jul 13 21:44 crdfam.clamav.hdb
> Aug 9 15:45 winnow_malware.hdb
> Aug 9 15:45 winnow_bad_cw.hdb
> Aug 9 15:45 winnow.attachments.hdb
> Aug 9 15:48 bofhland_phishing_URL.ndb
> Aug 9 15:59 ..
> Aug 9 16:01 phish.ndb
> Aug 9 16:30 main.cvd
> Aug 9 16:31 bytecode.cvd
> Aug 10 04:45 winnow_extended_malware.hdb
> Aug 10 10:56 junk.ndb
> Aug 10 12:27 sigwhitelist.ign2
> Aug 10 13:52 spamimg.hdb
> Aug 10 14:10 scam.ndb
> Aug 11 02:54 rogue.hdb
> Aug 11 03:54 jurlbl.ndb
> Aug 11 04:45 winnow_malware_links.ndb
> Aug 11 04:46 porcupine.ndb
> Aug 11 04:48 bofhland_malware_URL.ndb
> Aug 11 04:48 bofhland_cracked_URL.ndb
> Aug 11 04:48 bofhland_malware_attach.hdb
> Aug 11 04:54 blurl.ndb
> Aug 11 05:07 safebrowsing.cvd
> Aug 11 05:46 phishtank.ndb
> Aug 11 06:07 daily.cld
> Aug 11 09:08 mirrors.dat
>
>
>
> I've just made a manual update to 22066 from clamav-freshclam
>
> Thu Aug 11 09:41:18 2016 -> Downloading daily-22066.cdiff [100%]
> Thu Aug 11 09:41:18 2016 -> cdiff_apply: Parsed 310 lines and executed
> 310 commands
> Thu Aug 11 09:41:19 2016 -> Loading signatures from daily.cld
> Thu Aug 11 09:41:21 2016 -> Properly loaded 500203 signatures from new
> daily.cld
> Thu Aug 11 09:41:21 2016 -> daily.cld updated (version: 22066, sigs:
> 500202, f-level: 63, builder: neo)
> Thu Aug 11 09:41:21 2016 -> Querying
> daily.22066.82.1.0.2E1D7D10.ping.clamav.net
> Thu Aug 11 09:41:21 2016 -> safebrowsing.cvd version from DNS: 44910
> Thu Aug 11 09:41:24 2016 -> Retrieving
> http://db.local.clamav.net/safebrowsing-44910.cdiff
> Thu Aug 11 09:41:24 2016 -> Trying to download
> http://db.local.clamav.net/safebrowsing-44910.cdiff (IP: 46.29.125.16)
> Thu Aug 11 09:41:24 2016 -> Empty script safebrowsing-44910.cdiff,
> need to download entire database
> Thu Aug 11 09:41:24 2016 -> Whitelisting short-term blacklisted mirrors
> Thu Aug 11 09:41:24 2016 -> Retrieving
> http://db.local.clamav.net/safebrowsing.cvd
> Thu Aug 11 09:41:24 2016 -> Trying to download
> http://db.local.clamav.net/safebrowsing.cvd (IP: 46.29.125.16)
> Thu Aug 11 09:41:48 2016 -> Downloading safebrowsing.cvd [100%]
> Thu Aug 11 09:41:51 2016 -> Loading signatures from safebrowsing.cvd
> Thu Aug 11 09:42:01 2016 -> Properly loaded 2930264 signatures from
> new safebrowsing.cvd
> Thu Aug 11 09:42:02 2016 -> safebrowsing.cvd updated (version: 44910,
> sigs: 2930264, f-level: 63, builder: google)
> Thu Aug 11 09:42:02 2016 -> Querying
> safebrowsing.44910.82.1.0.2E1D7D10.ping.clamav.net
> Thu Aug 11 09:42:02 2016 -> bytecode.cvd version from DNS: 283
> Thu Aug 11 09:42:02 2016 -> bytecode.cvd is up to date (version: 283,
> sigs: 53, f-level: 63, builder: neo)
> Thu Aug 11 09:42:14 2016 -> Database updated (7649309 signatures) from
> db.local.clamav.net (IP: 46.29.125.16)
> Thu Aug 11 09:42:14 2016 -> Clamd successfully notified about the update.
> Thu Aug 11 09:42:14 2016 -> --------------------------------------
>
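
Added example, not part of the original message: one way to turn the clamscan result above into an entry in a local ignore file once a detection has been confirmed as a false positive. The function names and the file name local_fp.ign2 are assumptions; the .ign2 format is one signature name per line, written without the ".UNOFFICIAL" suffix that clamscan appends to third-party signatures.

```shell
#!/bin/sh
# Added example. found_signatures, ignore_signature and local_fp.ign2 are
# hypothetical names, not part of ClamAV or of the original post.

# Read clamscan output on stdin and print each detected signature name once.
# Detection lines look like "<file>: <signature> FOUND"; summary lines such as
# "Known viruses: 7809215" do not end in FOUND and are skipped.
found_signatures() {
    sed -n 's/^.*: \(.*\) FOUND$/\1/p' | sed 's/\.UNOFFICIAL$//' | sort -u
}

# Append one signature name to an .ign2 file unless it is already listed.
# Returns 0 if added, 1 if already present, 2 if the name has characters
# outside a conservative set (letters, digits, dot, underscore, hyphen).
ignore_signature() {
    sig=$1
    file=$2
    case $sig in
        ''|*[!A-Za-z0-9._-]*) return 2 ;;
    esac
    if [ -f "$file" ] && grep -qxF -- "$sig" "$file"; then
        return 1
    fi
    printf '%s\n' "$sig" >> "$file"
}

# Sample input: three lines copied from the scan output in the message above.
sample='stdin: Html.Exploit.CVE_2016_3326-3 FOUND
Known viruses: 7809215
Infected files: 1'

# Prints the one signature name found in the sample.
printf '%s\n' "$sample" | found_signatures
```

The ignore file has to sit in the database directory (/var/lib/clamav in the message above) and takes effect when clamd next reloads its databases. An entry suppresses that signature for every scanned object, not only for the pages that triggered it.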