[clamav-users] clamscan/clamdscan with -z option
Paul
paul at netpresto.co.uk
Thu Feb 14 18:32:38 UTC 2019
Hi
I have been looking at using the -z option on either clamdscan or
clamscan and stumbled onto some odd behavior.
This is with version 101.1. 101.0 also behaves the same.
Take 1
clamscan -z ./clamav-0.101.1/test/clam.mail
./clamav-0.101.1/test/clam.mail: Clamav.Test.File-6 FOUND
./clamav-0.101.1/test/clam.mail: Clamav.Test.File-6 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 7611921
Engine version: 0.101.1
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 59.764 sec (0 m 59 s)
Take 2 paultest-010E110713-000 is constructed from test/clam.mail with
the addition of a line of text to the text/plain part of clam.mail which
triggers SecuriteInfo.com.Spam-48198.UNOFFICIAL FOUND
paule at larch:~# clamscan -z /var/lib/quarantine/paultest-010E110713-000
/var/lib/quarantine/paultest-010E110713-000: Clamav.Test.File-6 FOUND
/var/lib/quarantine/paultest-010E110713-000:
SecuriteInfo.com.Spam-48198.UNOFFICIAL FOUND
/var/lib/quarantine/paultest-010E110713-000: Clamav.Test.File-6 FOUND
/var/lib/quarantine/paultest-010E110713-000:
SecuriteInfo.com.Spam-48198.UNOFFICIAL FOUND
----------- SCAN SUMMARY -----------
Known viruses: 7611921
Engine version: 0.101.1
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 58.048 sec (0 m 58 s)
Anyway to prevent the duplicate signature hits being displayed.
Regards Paul
More information about the clamav-users
mailing list