Results 1 to 5 of 5

Thread: clamscan line not finding a test virus

  1. #1

    Default clamscan line not finding a test virus

    I use clamscan as an engine for my app known as scanvirus. It doesn't show any virus on one type command line. It does on another type command line. FYI, I download a test virus from a website. Clamscan normally finds the virus in the downloads folder.

    This is the normal scan virus line. I can't post the whole app. It's too large.

    Code:
    nice -"$CS_Priority" clamscan -r / --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no | Scan_Results_Filter
    Change the priority to lowest and send results to the the filter.

    So, I simplied the line to this.

    Code:
    clamscan -r -i / --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no
    This finds no viruses.


    Code:
    /home/username/Downloads # clamscan -r --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no
    This does find a virus.

  2. #2
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    29,638
    Blog Entries
    15

    Default Re: clamscan line not finding a test virus

    Quote Originally Posted by lord_valarian View Post
    I use clamscan as an engine for my app known as scanvirus. It doesn't show any virus on one type command line. It does on another type command line. FYI, I download a test virus from a website. Clamscan normally finds the virus in the downloads folder.

    This is the normal scan virus line. I can't post the whole app. It's too large.

    Code:
    nice -"$CS_Priority" clamscan -r / --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no | Scan_Results_Filter
    Change the priority to lowest and send results to the the filter.

    So, I simplied the line to this.

    Code:
    clamscan -r -i / --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no
    This finds no viruses.


    Code:
    /home/username/Downloads # clamscan -r --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no
    This does find a virus.
    Hi
    Perhaps not traversing mounted partitions, assuming /home is on a separate one and a different filesystem? What if you cd to /?
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  3. #3

    Default Re: clamscan line not finding a test virus

    Did a full system update as of today.

    I was in the home/username directory. I did this line.

    Code:
    clamscan / -r --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no
    Another day, I did this line again. This time using "cd .." again and again, until I reached the rootdir (/).

    Code:
    ----------- SCAN SUMMARY -----------
    Known viruses: 6815660
    Engine version: 0.100.3
    Scanned directories: 32042
    Scanned files: 216701
    Infected files: 0
    Code:
    #blkid -o list
    
    device                fs_type   label      mount point              
    ----------------------------------------------------------------------------------------------------------
    /dev/sda1             vfat                 /boot/efi                 
    /dev/sda2             btrfs                (in use)                
    /dev/sda3             swap                 [SWAP]
    My last opensuse install had a separate home directory. This time I just used defaults. I'll add back the separate home directory when I upgrade to 'opensuse 15.2'.

    Navigating to home\username\downloads I do.

    Code:
    #clamscan
    
    ----------- SCAN SUMMARY -----------
    Known viruses: 6815660
    Engine version: 0.100.3
    Scanned directories: 1
    Scanned files: 16
    Infected files: 1
    Same directory:

    Code:
    clamscan --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no
    
    ----------- SCAN SUMMARY -----------
    Known viruses: 6815660
    Engine version: 0.100.3
    Scanned directories: 1
    Scanned files: 16
    Infected files: 1
    ??

  4. #4

    Default Re: clamscan line not finding a test virus

    My real username is masked, but the idea is the same.


    Code:
    clamscan -r --exclude-dir=/sys --exclude-dir=/proc --exclude-dir=/dev --exclude-dir=/.snapshots --follow-dir-symlinks=0 --follow-file-symlinks=0 --cross-fs=no > /home/username/Downloads/clamscan_test.txt
    I did this command and searched the text file for '/home/username/Downloads'. I get nothing.

    I searched for the home directory. I see this.

    Code:
    /home: Excluded
    /opt: Excluded
    /root: Excluded
    /srv: Excluded
    /tmp: Excluded
    /usr/local: Excluded
    I didn't exclude the home directory.

    ??

  5. #5

    Default Re: clamscan line not finding a test virus

    This issue has turned into another one. So, I'm closing it.

    Thanks for help.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •