Hi, I noticed the following anomaly when scanning a tar.gz file compared to scanning the result of untarring it. Scanning the tar.gz file results in less "data read" than scanning the files which it expands to (as one would expect), but the "data scanned" amount is *much* more for the tar.gz file than for the resultant files in the directory tree.
Does this indicate some problem with the way clamav handles compressed files, or is it some peculiarity of this tar.gz file? Paul Kosinski ---------------------------------------------------------------------- 09:51:08 u...@host:~/src/openssl> clamscan -ri openssl-0.9.8k/ ----------- SCAN SUMMARY ----------- Known viruses: 537879 Engine version: 0.95 Scanned directories: 134 Scanned files: 2003 Infected files: 0 Data scanned: 13.86 MB Data read: 12.99 MB (ratio 1.07:1) Time: 10.665 sec (0 m 10 s) 09:51:24 u...@host:~/src/openssl> clamscan openssl-0.9.8k.tar.gz openssl-0.9.8k.tar.gz: OK ----------- SCAN SUMMARY ----------- Known viruses: 537879 Engine version: 0.95 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 35.54 MB Data read: 3.67 MB (ratio 9.68:1) Time: 14.661 sec (0 m 14 s) _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
