Hello all,

I am using clamwin command line scanner, and recently came up with the following problem:
On a ppt file, when I run a command line scan, all is ok, but when I run a manual scan using the UI, I get a virus identification! How's that possible?

The identification I get is "bc.expliot.cve_2010_0815" - What is that? a virus?

Thanks in Advance.

The B.C. detection is a byte-code heuristic detection. I do not know why it is not detected in the command line use. Perhaps the command line does not use the byte-code signature file.

Submit the file to Jotti or Virus Total for verification. If it is a false positive, submit it to Clam AV (submit a file) via their main web page. On the submission form, be sure to change the type from virus to false positive.

Regards,

As far as I can see, the command line has a default parameter that says it loads bytecode from the database. However, the "Load unsigned bytecode" parameter is not enabled by default - could that be the reason for the difference?