ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
Reply to topic
Can't update definitions: database.clamav.net Hacked?
Freeze


Joined: 30 Jun 2016
Posts: 5
Reply with quote
The url 'database.clamav.net' redirects to 'emeksensin.com'. I tried switching between DNS servers and same thing happens.
Anyone noticed? Anyone can update definitions?

Freeze
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 4210
Location: USA
Reply with quote
My updates are going okay. Have you installed any software recently? If you have not, then your machine might be hacked.

Regards,
View user's profileSend private message
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 561
Location: **UNKNOWN**
Reply with quote
How long has this been happening? Have you tried running a scan with Malwarebytes to make sure you don't have any redirecting trojans/malware on your system?

I highly doubt his system got hacked.
View user's profileSend private message
Lipper


Joined: 31 Oct 2010
Posts: 106
Location: USA
Reply with quote
Hello all:

I found a reference to emeksensin.com at clamav.net from November 2015. It appears related to an error in a mirror redirect, not sure what could be done, though.

http://lists.clamav.net/pipermail/clamav-users/2015-November/002019.html

Regards,
Lipper
View user's profileSend private message
GuitarBob


Joined: 09 Jul 2006
Posts: 4210
Location: USA
Reply with quote
Try this temporary download routine until you figure things out:

Go to http://www.clamav.net/downloads on the web. Select Virus Database. Right click on the main.cvd database and Save As in your ClamWin databae folder. Then do the same for the daily and bytecode databases, one at a time.

Regards,
View user's profileSend private message
Solved
Freeze


Joined: 30 Jun 2016
Posts: 5
Reply with quote
Hello everyone, it seems it was problem with the DNS. Though I swithced to the OpenDNS servers, it was still failing, now I cleaned the NetBT and seems to work fine. I asked because I was already doing manual downloads.
I do it manually since version 0.99
I've found that I can't reach the url current.cvd.clamav.net Does clam antivirus check for this on a diferent TCP port than 80?
View user's profileSend private message
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 561
Location: **UNKNOWN**
Reply with quote
The ClamAV mirrors are on port 22, while your DNS connects through port 53. Make sure none of these are being blocked by your firewall or your DNS service. You can try port 443/TCP, but I don't know which mirrors support https.

I personal do not use a DNS service and actually have the service disabled on my system. I just use a custom host file, instead, as it is much faster and more secure this way. However, I do have to say, it is weird why OpenDNS wouldn't work with ClamAV, considering that Cisco owns them both.
View user's profileSend private message
Freeze


Joined: 30 Jun 2016
Posts: 5
Reply with quote
Thanks RockRollKid I'll try opening port 22
View user's profileSend private message
Can't update definitions: database.clamav.net Hacked?
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Reply to topic