On Apr 19, 2005, at 1:56 PM, Daniel J McDonald wrote:
On Tue, 2005-04-19 at 11:52 -0600, lists wrote:How should I submit this to see if it is a virus?
Make certain detectbrokenexecutable is enabled.
Stupid question but I thought I might as well ask anyway...going in on my own system to enable this option, I saw the following above it:
# By default clamd uses scan options recommended by libclamav. This option
# disables recommended options and allows you to enable selected ones below.
# DO NOT TOUCH IT unless you know what you are doing.
# Default: disabled
#DisableDefaultScanOptions
Do I want to remove the hash before DisableDefaultScanOptions in order to get the
# ClamAV to perform a deeper analysis of executable files and it's also
# required for decompression of popular executable packers such as UPX, FSG,
# and Petite.
# Default: enabled
#ScanPE
ScanPE
# With this option clamav will try to detect broken executables and mark # them as Broken.Executable # Default: disabled #DetectBrokenExecutables DetectBrokenExecutables
sections to work?
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
