[clamav-users] clamscan and PUA
Mark Price
mprice at tqhosting.com
Thu Sep 4 15:23:19 UTC 2014
In the past day we have had clamscan on several servers detect infected
files due to: PUA.Windows.DoubleExtension-zippwd-3
I've read the clamscan manpage but have not had any luck with getting the
"--detect-pua" option to work. Example:
# clamscan --detect-pua=no ./sample-msg1.txt
./sample-msg1.txt: PUA.Windows.DoubleExtension-zippwd-3 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 3515268
Engine version: 0.98
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.05 MB (ratio 0.00:1)
Time: 9.402 sec (0 m 9 s)
In this case, is the infected file being detected by a PUA that I should be
able to disable with command line option? Or is "PUA" simply part of the
virus signature name?
Thanks,
Mark
More information about the clamav-users
mailing list