To be honest that is an option that should probably not exist as it is
especially dangerous owing to lack of intelligence in the decision process
coupled with the opportunity for false positives (barely hinted at in the
clamdscan --help screen). Given the real possibility of crippling a system it
isn't a feature I would suggest is a "cure" offered by the software, and it
requires substantial knowledge of the risks involved and best practices to
offset some of that risk. If a person were to try this in a corporate
environment I would strongly recommend doing so without any third-party or
self-generated signatures installed for no other reason than to minimize the
number of people who have to show up in court during the lawsuit that follows. :)
dp
On 1/28/15 7:47 AM, Steven Morgan wrote:
clamscan and clamd options exist to remove or move (--move --remove)
infected files. The documentation indicates use with care. I've not tried
them myself.
Steve
On Tue, Jan 27, 2015 at 7:40 PM, Dennis Peterson <denni...@inetnw.com>
wrote:
He wants to know if ClamAV takes any corrective action such as quarantine
or even remediate the problem by replacing corrupted files with originals.
ClamAV does neither, but it can alert tertiary software to perform
quarantining and provide notification of a need for user initiated
remediation.
One can conjecture the wisdom of auto-remediation by an AV product, but
some of the worst botch jobs I've ever worked with were done by
well-meaning AV products that got fix-up wrong.
dp
On 1/27/15 4:13 PM, Joel Esler (jesler) wrote:
I believe I emailed this privately to you. ClamAV can have the ability
to quarantine an infected file if it finds one.
We don’t know what you mean by the word “cure”. Can you elaborate what
you mean there for the group?
--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Talos
On Jan 27, 2015, at 7:10 PM, Jihyun-Chang <jhyun_ch...@naver.com<mailto:
jhyun_ch...@naver.com>> wrote:
Is there no one to answer me ?
===============================================
Dear ClamAV Team,
Hi~ I am a student interested in security.
I found ClamAV as Anti-virus program and it looks good to me while
looking through User-manual.
I have a few questions about ClamAV. Does it can use as a cure (It means
ClamAV can fix the scanned files) or just virus-scanner ? (It means ClamAV
cannot support fix the scanned files)
It seems not mentioned in User-manual and http://www.clamav.net/index.
html.
It may not have seen my eyes only :)
Could you explain my request?
I will be looking forward to your reply.
Thanks in advance for any help.
~Chang~
-----Original Message-----
From: "Jihyun-Chang"<jhyun_ch...@naver.com<mailto:jhyun_ch...@naver.com>>
To: "Joel Esler (jesler)"<jes...@cisco.com<mailto:jes...@cisco.com>>;
Cc: "clamav-devel-ow...@lists.clamav.net<mailto:clamav-
devel-ow...@lists.clamav.net>"<clamav-devel-ow...@lists.clamav.net
<mailto:clamav-devel-ow...@lists.clamav.net>>; "clamav-users-owner@lists.
clamav.net<mailto:clamav-users-ow...@lists.clamav.net>"<
clamav-users-ow...@lists.clamav.net<mailto:clamav-
users-ow...@lists.clamav.net>>;
Sent: 2015-01-27 (화) 11:29:01
Subject: Re: I have some queries about ClamAV
I wrote the user list already but nobody answer my questuon for two
weeks. I don't know why it is taking so long. Even though my question is
not difficult.
thanks. Best regards.
-----Original Message-----
From: "Joel Esler (jesler)" <jes...@cisco.com<mailto:jes...@cisco.com>>
To: Jihyun-Chang <jhyun_ch...@naver.com<mailto:jhyun_ch...@naver.com>>
Cc: "clamav-devel-ow...@lists.clamav.net<mailto:clamav-
devel-ow...@lists.clamav.net>" <clamav-devel-ow...@lists.clamav.net
<mailto:clamav-devel-ow...@lists.clamav.net>>
Sent: 2015. 1. 27. 오전 11:20:20
Subject: Re: I have some queries about ClamAV
You are writing the development list. You should be writing the users
list unless you are contributing development code.
--
Joel Esler
Sent from my iPhone
On Jan 26, 2015, at 9:07 PM, Jihyun-Chang <jhyun_ch...@naver.com<mailto:
jhyun_ch...@naver.com>> wrote:
can you hear me ?
I'm waiting answer from ClamAV team long time ago..
-----Original Message-----
From: "Jihyun-Chang"<jhyun_ch...@naver.com<mailto:jhyun_ch...@naver.com>>
To: <clamav-de...@lists.clamav.net<mailto:clamav-de...@lists.clamav.net
;
Cc:
Sent: 2015-01-22 (목) 17:19:18
Subject: I have some queries about ClamAV
Dear ClamAV Team,
Hi~ I am a student interested in security.
I found ClamAV as Anti-virus program and it looks good to me while
looking through User-manual.
I have a few questions about ClamAV. Does it can use as a cure (It means
ClamAV can fix the scanned files) or just virus-scanner ? (It means ClamAV
cannot support fix the scanned files)
It seems not mentioned in User-manual and http://www.clamav.net/index.
html.
It may not have seen my eyes only :)
Could you explain my request?
I will be looking forward to your reply.
Thanks in advance for any help.
~Chang~
[http://mail.naver.com/readReceipt/notify/?img=FmFjWNkl1zcYar%
2B5M6CoMrU9KziCFAb9MxMdFxkoF4UXpxk4Frp0Kqu%2FKxF4MdIo%
2BrkSKxt5W4d5W4C5bX0q%2BzkR74FTWx%2FsMrwCW6Jr7630%
2B4kn76eXW4kZtzwGbX3q74FnM69C%2BSl5pBt5.gif]
[http://mail.naver.com/readReceipt/notify/?img=FY%2BjWNkl1zcYar%
2B5M6CoKxUwpxbXFxMXM43SKx0vM6FoFxE9Fq0vMoblpzMmtzFXp6UwaLl5W
Ll51zlqDBFdp6d5MreRhoR8pBFnpBigMr0qMrY5MreR.gif]
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
