Hi there,
On Fri, 27 Nov 2020, Alejandro Hern?ndez via clamav-users wrote:
> while I run a scan in 'portable clamwin', Microsoft Defender detects
> this (.tmp) file as a virus:
1. The 'portable clamwin' product is not ClamAV, although I believe it
does use a scanning engine based on ClamAV's engine. If you have any
questions about it, you probably need to ask at forum.clamwin.com.
2. Microsoft Defender is a Microsoft Product, if you have concerns
about it, you should ask on a Microsoft support forum. I have no idea
where that might be.
3. To which (.tmp) file do you refer?
> Is it normal?
I can't say whether anything is normal or not until I fully understand
the question. I should not be at all surprised to see different scan
results from different scanning engines for the same scanned file. If
you meant to ask why Microsoft Defender finds a virus but ClamWin does
not, then that's a good question. The answer may be because no sample
has yet been submitted for inclusion in the virus databases, or, if it
has, either the team at Cisco/Sourcefire/Talos hasn't yet processed it
or they screwed up (unlikely but it does happen); perhaps your ClamWin
database hasn't been updated; or maybe the scanning engine in ClamWin
is not capable of detecting the virus.
Note the most recent version of ClamWin announced at www.clamwin.com
is 0.99.4 (released March 1st 2018). The current release of ClamAV is
0.103.0 (released September 14th 2020, available at www.clamav.net).
I can see no justification for using an anti-virus product when its
provider apparently does not keep it up to date.
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
image.png (27.1 KB)