Re: [Clamav-users] question about Clamav anti virus for old …

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MM\Jim Preston at <-
MMMM 
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Sarocet
Date:  
To: ClamAV users ML
Subject: Re: [Clamav-users] question about Clamav anti virus for old mac OS 9.2
G.W. Haywood wrote:
> Third, ClamAV _can_ be used to scan files on a machine. But that's
> all it really does, it scans them and tells you if it thinks any of
> them might be infected. That doesn't sound to me like what you want.
> I think you want something that will 'disinfect' them. ClamAV doesn't
> do that. It might tell you that a file is infected (it might even be
> right about that:) but it would then be up to you to decide what to do
> about it. Now if you're scanning incoming mail, the decision is easy.
> You drop the mail and maybe send a message to the administrator of the
> system that is scanning the mail (NOT to the sender of the mail if you
> have any sense, because the address was most likely forged). When you
> scan files on a computer, things are a little more complicated. If a
> file is flagged as infected that might indeed mean that it's infected.
> You might then think that you have to do something to the file, to
> disinfect it. Or maybe just delete it. But it could also mean that
> it's an important system file that just happens to look like it's
> infected. This would be what we call a 'false positive'. You need to
> be able to make an educated guess (er, decision) about these things,
> to distinguish between genuine infections and false positives, because
> if you just romp around your operating system deleting all the files
> which trigger ClamAV (or any other virus scanner) you might find that
> you've done more damage to the operating system than the virus would
> ever have done.
>

Well, other AV products face the same issue. They may ask you your
decision in a messagebox
instead, or take a decision for you. But all of them have false
positives, and they do sometimes
break your OS by decididing to remove some system file.



Julie wrote:
> I have been told by the computer engineers who have been helping me try to
> get to the bottom of this that the virus is contained in Microsoft Office
> Word 2001, and does not affect any other systems, so that sending emails is
> perfectly safe and will not endanger any other computer.
Yes. *As far as you don't send Office files with your email*.


Tom Shaw wrote:
> For 2004 and before, I can't remember what to
> do for these older versions of MS Office but you can set up these to
> warn you if a document contains VB Macros.
>
It's a program option (Tools/Options). It said something like "Ask me
when I open files with macros"
or "Disable files with macros". 

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


This message was posted to the following mailing lists:
clamav-users
Mailing List Info | Nearby Messages		<-Re: [Clamav-users] I have trouble with freshclam[Clamav-users] Fwd: [Clamav-announce] Sourceforge CCA '09: watch the video!->
ClamAV Mailing List Archive administrated by Luca GibelliLurker (version 2.1)