Hi ClamAV community, Hope this email finds you well. I’m writing to inquire about the proper usage of ClamAV and whether it’s suggested to run ClamAV within a sandbox to avoid infecting other files/applications in the host if a malware is detected. I have two main questions:
1. When scanning a given file, will ClamAV only do static analysis(based on signature database) or it will execute the file and analyze its behavior? If the file is a malware and we use ClamAV to scan the file, will it possibly infect the scanner or infect other files/applications on the host? 2. Is there any built-in sandbox mechanism in ClamAV so that when it scans a file, the file can be scanned in an isolated environment? Thank you so much! Looking forward to hearing from you. Best, Jiayi
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
