if the flie is compressed with rar, you need to install the needed toolset.but on proxmox its not detecting whats odd
Follow below link to enable clamav rar support.but on proxmox its not detecting whats odd
clamscan -id /var/lib/clamav securiteinfo0hour.hdb /root/bademail.eml
securiteinfo0hour.hdb: No such file or directory
WARNING: securiteinfo0hour.hdb: Can't access file
/root/bademail.eml: SecuriteInfo.com.Exploit.CVE-2018-0802.Gen.27640.18064.UNOFFICIAL FOUND
----------- SCAN SUMMARY -----------
Known viruses: 12902762
Engine version: 0.103.5
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.66 MB
Data read: 0.30 MB (ratio 2.22:1)
Time: 37.121 sec (0 m 37 s)
Start Date: 2022:05:25 00:15:48
End Date: 2022:05:25 00:16:25
root@mail:/var/lib/clamav# ls -l -h
total 592M
-rw-r--r-- 1 clamav clamav 586K Oct 14 2020 MiscreantPunch099-Low.ldb
-rw-r--r-- 1 clamav clamav 1.5K Jul 1 2015 Sanesecurity_sigtest.yara
-rw-r--r-- 1 clamav clamav 1.3K Feb 22 2016 Sanesecurity_spam.yara
-rw-r--r-- 1 clamav clamav 98K May 16 07:48 badmacro.ndb
-rw-r--r-- 1 clamav clamav 495K May 25 00:06 blurl.ndb
-rw-r--r-- 1 clamav clamav 3.4K Oct 14 2020 bofhland_cracked_URL.ndb
-rw-r--r-- 1 clamav clamav 610 Oct 14 2020 bofhland_malware_URL.ndb
-rw-r--r-- 1 clamav clamav 104K Oct 14 2020 bofhland_malware_attach.hdb
-rw-r--r-- 1 clamav clamav 9.5K Oct 14 2020 bofhland_phishing_URL.ndb
-rw-r--r-- 1 clamav clamav 287K Mar 9 2021 bytecode.cvd
-rw-r--r-- 1 clamav clamav 56M May 24 03:42 daily.cvd
-rw-r--r-- 1 clamav clamav 241K May 24 11:06 foxhole_filename.cdb
-rw-r--r-- 1 clamav clamav 51K Sep 11 2020 foxhole_generic.cdb
-rw-r--r-- 1 clamav clamav 3.8K Aug 18 2017 foxhole_js.cdb
-rw-r--r-- 1 clamav clamav 230 Nov 21 2016 foxhole_js.ndb
-rw-r--r-- 1 clamav clamav 69 May 16 23:08 freshclam.dat
-rw-r--r-- 1 clamav clamav 48K Aug 5 2015 hackingteam.hsb
-rw-r--r-- 1 clamav clamav 15M May 24 01:42 javascript.ndb
-rw-r--r-- 1 clamav clamav 6.7M May 24 11:06 junk.ndb
-rw-r--r-- 1 clamav clamav 661K May 24 11:06 jurlbl.ndb
-rw-r--r-- 1 clamav clamav 172K May 24 19:06 jurlbla.ndb
-rw-r--r-- 1 clamav clamav 240K May 12 03:06 lott.ndb
-rw-r--r-- 1 clamav clamav 163M Nov 10 2021 main.cvd
-rw-r--r-- 1 clamav clamav 73 Oct 14 2020 malware.expert.fp
-rw-r--r-- 1 clamav clamav 73 Oct 14 2020 malware.expert.hdb
-rw-r--r-- 1 clamav clamav 246 Oct 14 2020 malware.expert.ldb
-rw-r--r-- 1 clamav clamav 130 Oct 14 2020 malware.expert.ndb
-rw-r--r-- 1 clamav clamav 73K Jun 29 2017 malwarehash.hsb
-rw-r--r-- 1 clamav clamav 147 Oct 14 2020 malwarepatrol.db
-rw-r--r-- 1 clamav clamav 4.1M May 24 09:06 phish.ndb
-rw-r--r-- 1 clamav clamav 600K Feb 5 10:00 phishtank.ndb
-rw-r--r-- 1 clamav clamav 31K May 24 21:01 porcupine.hsb
-rw-r--r-- 1 clamav clamav 640K May 25 00:00 porcupine.ndb
-rw-r--r-- 1 clamav clamav 847K Mar 16 00:22 rfxn.hdb
-rw-r--r-- 1 clamav clamav 442K Dec 1 2020 rfxn.ndb
-rw-r--r-- 1 clamav clamav 401K Aug 17 2020 rfxn.yara
-rw-r--r-- 1 clamav clamav 292K May 25 00:06 rogue.hdb
-rw-r--r-- 1 clamav clamav 13K Mar 31 10:07 sanesecurity.ftm
-rw-r--r-- 1 clamav clamav 1.9M May 24 04:05 scam.ndb
-rw-r--r-- 1 clamav clamav 108 Nov 16 2020 scamnailer.ndb
-rw-r--r-- 1 clamav clamav 11M May 24 21:48 securiteinfo.hdb
-rw-r--r-- 1 clamav clamav 3.7K May 16 23:08 securiteinfo.ign2
-rw-r--r-- 1 clamav clamav 1.7M May 24 13:45 securiteinfo.mdb
-rw-r--r-- 1 clamav clamav 123 May 19 10:45 securiteinfo.pdb
-rw-r--r-- 1 clamav clamav 3.3K May 16 23:09 securiteinfo.yara
-rw-r--r-- 1 clamav clamav 38K May 25 00:11 securiteinfo0hour.hdb
-rw-r--r-- 1 clamav clamav 9.1M May 24 20:17 securiteinfoandroid.hdb
-rw-r--r-- 1 clamav clamav 8.8M May 24 21:17 securiteinfoascii.hdb
-rw-r--r-- 1 clamav clamav 5.1M May 24 20:47 securiteinfohtml.hdb
-rw-r--r-- 1 clamav clamav 299M May 16 23:08 securiteinfoold.hdb
-rw-r--r-- 1 clamav clamav 210K May 24 20:17 securiteinfopdf.hdb
-rw-r--r-- 1 clamav clamav 7.2K Dec 31 2020 shelter.ldb
-rw-r--r-- 1 clamav clamav 394 Apr 21 08:11 sigwhitelist.ign2
-rw-r--r-- 1 clamav clamav 556 May 5 2017 spam.ldb
-rw-r--r-- 1 clamav clamav 4.6M May 25 00:11 spam_marketing.ndb
-rw-r--r-- 1 clamav clamav 1.4K Apr 28 2017 spamattach.hdb
-rw-r--r-- 1 clamav clamav 20K May 5 07:06 spamimg.hdb
-rw-r--r-- 1 clamav clamav 115 Oct 14 2020 spear.ndb
-rw-r--r-- 1 clamav clamav 115 Nov 27 2018 spearl.ndb
-rw-r--r-- 1 clamav clamav 987K May 25 00:09 urlhaus.ndb
-rw-r--r-- 1 clamav clamav 64 Apr 20 09:14 winnow.attachments.hdb
-rw-r--r-- 1 clamav clamav 660 Mar 5 2018 winnow.complex.patterns.ldb
-rw-r--r-- 1 clamav clamav 66 Mar 5 2018 winnow_bad_cw.hdb
-rw-r--r-- 1 clamav clamav 65 Apr 20 09:08 winnow_extended_malware.hdb
-rw-r--r-- 1 clamav clamav 159 Mar 5 2018 winnow_extended_malware_links.ndb
-rw-r--r-- 1 clamav clamav 65 Apr 20 09:00 winnow_malware.hdb
-rw-r--r-- 1 clamav clamav 15K Nov 26 2019 winnow_malware_links.ndb
-rw-r--r-- 1 clamav clamav 6.5K Nov 13 2018 winnow_phish_complete_url.ndb
-rw-r--r-- 1 clamav clamav 2.8K Nov 14 2018 winnow_spam_complete.ndb
I think you're using clamscan wrong - see the manpage: `man clamscan`clamscan -id /var/lib/clamav securiteinfo0hour.hdb /root/bademail.eml
root@mail:~# clamscan -i /root/bademail.eml
/root/bademail.eml: SecuriteInfo.com.Exploit.CVE-2018-0802.Gen.27640.18064.UNOFFICIAL FOUND
----------- SCAN SUMMARY -----------
Known viruses: 12908794
Engine version: 0.103.5
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.66 MB
Data read: 0.30 MB (ratio 2.22:1)
Time: 44.959 sec (0 m 44 s)
Start Date: 2022:05:30 14:14:30
End Date: 2022:05:30 14:15:15
We use essential cookies to make this site work, and optional cookies to enhance your experience.