On Mon Jun 20 2011 13:40:06 GMT+0200 (CET) ANANT S ATHAVALE <[email protected]> wrote: > Dear Tomasz Kojm, > > But by setting ArchiveBlockEncrypted = off, I will not be able to detect > even encrypted zip, am I right?
Yes, you're right. However please keep in mind we create sigs for encrypted malware, so you should still be able to catch real threats. > May be I should disable ScanPDF? This will disable the PDF parser, which is required for most sigs for PDF malware. Disabling ArchiveBlockEncrypted will be more safe. -- oo ..... Tomasz Kojm <[email protected]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Mon Jun 20 14:11:04 CEST 2011 _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
