[clamav-users] ClamXav and Compressed Files
alvarnell at mac.com
Sat Mar 28 21:48:14 EDT 2015
On Sat, Mar 28, 2015 at 06:35 PM, Jinwon Lee wrote:
> Thanks for the responses. I am not a computer expert so I might not fully understand
> all that has been discussed but it sounds like ClamXav extracts(decompose?) archive files like zip, RAR and then scan. But with .dmg
> file it is uncertain that it does the same thing.
> It sounds like ClamXav is not ‘complete’ yet.
Again, we are discussing the ClamAV® scan engine here which is used by ClamXav but is not the same thing. ClamXav is just the user interface that allows you to use the scan engine on your computer.
Perhaps I wasn’t clear on the results of my testing, but they indicate that the scan engine will not look at the contents of a .dmg file until you mount it on your desktop. It’s not so much that it’s incomplete, but I would have to guess that it’s not possible to do so. The scan may identify the .dmg file itself as one known to contain malware, depending on whether or not a sample was previously received and a signature prepared for it.
Mountain View, CA
More information about the clamav-users