I am testing the operation of ClamAV/SquidClamAV but it is not entirely clear that it works correctly. I explain.
I have installed SquidClamAV which has installed the ClamAV dependency. There, all correct. I have waited for the ClamAV Signature File to be downloaded and I have activated the corresponding module in the Proxy:
In Services, everything appears correctly:
Now it’s time to test if it works or not. Ok, I agree to download the “Eicar” Test Virus in “HTTP” and this appears (¡Pruebe si realmente su antivirus lo está protegiendo!):
It seems to work! But on the same page I repeat it again, downloading the same file again and wham, he eats it with potatoes.
It is detected by the Windows Defender of the Windows 11 that I have.
It is no longer detected on this page unless you delete it from your browser’s temporary files.
Is it normal operation?
Greetings and thanks.