Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: puzzling anti-virus results

  1. #1
    Join Date
    Feb 2013
    Location
    Indiana
    Posts
    267

    Default puzzling anti-virus results

    I have my Clamtk scheduled to scan my home directory at a given time each day. The Scheduled scan will have a half dozen suspicions. But if I do a manual scan, then the scan will have clean results. Clamtk does receive its updates every day, and I do expect to see a false positive on occasion.

    What I find puzzling is the results from schedule to manual.
    Mike

    AMD Athlon(tm) II X3 435 Processor, (RAM): 8.0 GiB, openSUSE Leap 42.2, (x86_64)
    KDE: 4.10, ATI Radeon HD Graphics

  2. #2
    Join Date
    Jun 2008
    Location
    The English Lake District. UK - GMT/BST
    Posts
    36,729
    Blog Entries
    20

    Default Re: puzzling anti-virus results

    Quote Originally Posted by mike7757 View Post
    I have my Clamtk scheduled to scan my home directory at a given time each day. The Scheduled scan will have a half dozen suspicions. But if I do a manual scan, then the scan will have clean results. Clamtk does receive its updates every day, and I do expect to see a false positive on occasion.

    What I find puzzling is the results from schedule to manual.
    Sounds normal
    Probably a waste of time
    Leap 15.1_KDE
    My Articles Was I any help? If yes: Click the star below

  3. #3
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,882

    Default Re: puzzling anti-virus results

    Quote Originally Posted by mike7757 View Post
    I have my Clamtk scheduled to scan my home directory at a given time each day. The Scheduled scan will have a half dozen suspicions. But if I do a manual scan, then the scan will have clean results. Clamtk does receive its updates every day, and I do expect to see a false positive on occasion.

    What I find puzzling is the results from schedule to manual.
    As not very many people bother to use such types of programs on their Linux systems, I doubt if you will get many usefull answers. The fact that the program you use is not even in the openSUSE standard repos (and thus you installed it from elsewhere) will not make it a well known poduct here either IMHO.

    I do of course not know what it is that you gather in your home directory and you want to test there on MS Windows threatening viruses, but you are an exception.
    Henk van Velden

  4. #4
    Join Date
    May 2010
    Location
    Space Colony Lagrange Point 22° à, 77° Ƅ, 56° ɤ, 99° ɜ
    Posts
    3,166

    Default Re: puzzling anti-virus results

    Quote Originally Posted by mike7757 View Post
    I have my Clamtk scheduled to scan my home directory at a given time each day. The Scheduled scan will have a half dozen suspicions. But if I do a manual scan, then the scan will have clean results. Clamtk does receive its updates every day, and I do expect to see a false positive on occasion.

    What I find puzzling is the results from schedule to manual.
    i always get false positives with Clam for any signed pdf files.
    GNOME Version 3.20.2
    openSUSE Leap 42.3 64-bit

    www.vazhavandan.blogspot.com

  5. #5
    Join Date
    Feb 2013
    Location
    Indiana
    Posts
    267

    Default Re: puzzling anti-virus results

    Quote Originally Posted by vazhavandan View Post
    i always get false positives with Clam for any signed pdf files.
    I do understand false positives. Those will always be there. The difference between scheduled and manual is where I am puzzled. Those 2 scans can be just a few minutes apart.

    Lets just drop the topic, its just one of those stupid things i was thinking about.
    Mike

    AMD Athlon(tm) II X3 435 Processor, (RAM): 8.0 GiB, openSUSE Leap 42.2, (x86_64)
    KDE: 4.10, ATI Radeon HD Graphics

  6. #6
    Join Date
    Jun 2008
    Location
    Sogndal, Noreg
    Posts
    1,103

    Default Re: puzzling anti-virus results

    I don't think it is that irrelevant as many of us do e.g. network sharing with windows machines.

    And ClamAV, for which ClamTK is just a front-end, is still an official package (standard repo) with 12.3

    I don't do scheduled scans, but I use ClamAV (from command line) from time to time.
    OpenSuSE 13.1, KDE 4.11.5, 64bit
    Gigabyte 990FXA-UD3, AMD FX8350, MSI GeForce GTX 760, RME HDSP9632, 16GB HyperX Kingston DDR3, Samsung 840-Pro SSD 128GB, WD Desktop Black 1TB, Hitachi Deskstar 7K1000 750GB

  7. #7
    Join Date
    Jun 2008
    Location
    Sogndal, Noreg
    Posts
    1,103

    Default Re: puzzling anti-virus results

    And, by the way, if you wish me to set-up and test a scheduled scan Mike, I can do that.
    OpenSuSE 13.1, KDE 4.11.5, 64bit
    Gigabyte 990FXA-UD3, AMD FX8350, MSI GeForce GTX 760, RME HDSP9632, 16GB HyperX Kingston DDR3, Samsung 840-Pro SSD 128GB, WD Desktop Black 1TB, Hitachi Deskstar 7K1000 750GB

  8. #8
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: puzzling anti-virus results

    On 2013-05-22 18:46, mike7757 wrote:

    > What I find puzzling is the results from schedule to manual.


    Are you sure they both use the same options?

    You can use the 'ps' command with appropriate options to learn the
    actual command line used, if you do it while it is running.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)

  9. #9
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,882

    Default Re: puzzling anti-virus results

    Quote Originally Posted by robin_listas View Post
    On 2013-05-22 18:46, mike7757 wrote:

    > What I find puzzling is the results from schedule to manual.


    Are you sure they both use the same options?

    You can use the 'ps' command with appropriate options to learn the
    actual command line used, if you do it while it is running.

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 12.1 x86_64 "Asparagus" at Telcontar)
    Oh yes, when the OP realy wants others to look in this case, he should provide information:
    . the cron entry (and when it aclls a script, the script of course) of the"scheduled run";
    . the command as typed for the "manual run".
    Henk van Velden

  10. #10

    Default Re: puzzling anti-virus results

    Carlos E. R. wrote:
    > On 2013-05-22 18:46, mike7757 wrote:
    >
    >> What I find puzzling is the results from schedule to manual.

    >
    > Are you sure they both use the same options?
    >
    > You can use the 'ps' command with appropriate options to learn the
    > actual command line used, if you do it while it is running.


    What Carlos said. It's almost certainly some options set in the
    scheduled job that you don't use when running it manually, IMHO.

    How is the scheduled job started? And are there any config files that
    might be scanned?

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •