Thanks for that. I guess ‘Hash Value’ refers to the ClamAV identifying the .dmg as a known file that contains virus/es.
Jinwon > On 29/03/2015, at 2:48 pm, Al Varnell <alvarn...@mac.com> wrote: > > > On Sat, Mar 28, 2015 at 06:35 PM, Jinwon Lee wrote: >> >> Thanks for the responses. I am not a computer expert so I might not fully >> understand >> all that has been discussed but it sounds like ClamXav extracts(decompose?) >> archive files like zip, RAR and then scan. But with .dmg >> file it is uncertain that it does the same thing. >> >> It sounds like ClamXav is not ‘complete’ yet. > > Again, we are discussing the ClamAV® scan engine here which is used by > ClamXav but is not the same thing. ClamXav is just the user interface that > allows you to use the scan engine on your computer. > > Perhaps I wasn’t clear on the results of my testing, but they indicate that > the scan engine will not look at the contents of a .dmg file until you mount > it on your desktop. It’s not so much that it’s incomplete, but I would have > to guess that it’s not possible to do so. The scan may identify the .dmg > file itself as one known to contain malware, depending on whether or not a > sample was previously received and a signature prepared for it. > > > -Al- > -- > Al Varnell > Mountain View, CA > > > > > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
