Re: [clamav-users] negate part of signature

2015-11-02 Thread Dennis Peterson
Awesome news on the PCRE inclusion. Looking forward to that.

dp

On 10/29/15 4:13 PM, Alain Zidouemba wrote:
> FYI, PCRE support is coming in ClamAV 0.99. There is a release candidate here if you want to try it: http://www.clamav.net/downloads

Re: [clamav-users] negate part of signature

2015-10-30 Thread Steve Basford
On Fri, October 30, 2015 8:07 am, Deyan Chepishev wrote:
> Hello,
>
> Thank you for the answer.
>
> There is probably something missing in the doc, because the signature is
> not properly working with the current clamav release 0.98.7
>

I confirm the same here... I think it was a bug that's

Re: [clamav-users] negate part of signature

2015-10-30 Thread Deyan Chepishev
Hello,

Thank you for the answer.

There is probably something missing in the doc, because the signature is not properly working with the current clamav release 0.98.7

I tried the following signature:

testsig:0:*:!(6e6f74)62616466756e6374696f6e28
___not___badfunction(

If I sca

Re: [clamav-users] negate part of signature

2015-10-29 Thread Alain Zidouemba
Check out https://github.com/vrtadmin/clamav-devel/blob/master/docs/signatures.pdf, section 3.2.4.

You should be able to write something like:

!(not)badfunction(

FYI, PCRE support is coming in ClamAV 0.99. There is a release candidate here if you want to try it: http://www.clamav.net/downloads

[clamav-users] negate part of signature

2015-10-29 Thread Deyan Chepishev
Hello,

I have a signature which matches bad things, but it is also giving me a lot of false positives. The reason for this is that the bad code is actually a subset of the good code, which gives me the false positive.

What I mean: I have a signature which matches, for example:

badfunction(

howe