Hi, We are seeing instances when customer uploads his zip files which contains core files/core dumps during scanning ClamAV is treating some of them as “Heuristics.Broken.Executable FOUND”. Currently we have turned-on this check in the clamd.conf as below.
*# With this option clamav will try to detect broken executables (both PE and* *# ELF) and mark them as Broken.Executable.* *# Default: no* *DetectBrokenExecutables yes* The question is why ClamAV is treating core files/core dumps as “Heuristics.Broken.Executable FOUND”. Is it safe to turn-off this setting for ClamAV? or is there way to skip these checks for core files/core dumps in ClamAV? Thanks Ravi _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
