[clamav-users] Clamav Definitions vs. Devel-Clamav Definitions
Maarten Broekman
maarten.broekman at gmail.com
Thu Mar 29 11:04:55 UTC 2018
Hi Peter,
Given the name of that virus, I would guess that your hosting provider is using some extra virus definitions that aren’t part of the standard ClamAV distribution. It doesn’t have to do with the engine in this case.
You should get in touch with them about that.
Maarten Broekman
Sent from a tiny keyboard
> On Mar 29, 2018, at 06:49, Peter Folk <peter.folk01 at gmail.com> wrote:
>
> Hello,
>
> running into a weird issue here... our web host has run a clamav scan on
> our VPS server, and found 1 infected PHP file, infected with
> SL-PHP-BACKDOOR-GENERIC.
>
> The clamav engine version used in the scan done by the web host was:
> devel-clamav-0.99-beta1-632-g8a582c7 (that's what the log file says)
>
> Now, I can't find that engine version anywhere on the web.
>
> But, we installed the latest, stable clamav 0.9.4 on the CentOS hosting
> box, updated definitions to latest via freshclam (it says Engine version:
> 0.99.4) and ran a clamav scan on the exact same files as our web host did.
>
> clamscan does NOT find any infected files.
>
> Can anybody explain why these definitions/engine versions are different.
> and why does devel-clamav engine find infected files and latest clamav
> engine does not.... ?
>
> most importantly: how can I install and use the devel-clamav engine ??
>
> Thanks.
>
> Peter
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list