[clamav-users] Heuristics.Broken.Executable FOUND for core files/core dumps
Ravi
ravin4u at gmail.com
Fri Oct 27 10:39:42 UTC 2017
Hi,
We are seeing instances when customer uploads his zip files which contains
core files/core dumps during scanning ClamAV is treating some of them as
“Heuristics.Broken.Executable FOUND”. Currently we have turned-on this
check in the clamd.conf as below.
*# With this option clamav will try to detect broken executables (both PE
and*
*# ELF) and mark them as Broken.Executable.*
*# Default: no*
*DetectBrokenExecutables yes*
The question is why ClamAV is treating core files/core dumps as
“Heuristics.Broken.Executable FOUND”. Is it safe to turn-off this setting
for ClamAV? or is there way to skip these checks for core files/core dumps
in ClamAV?
Thanks
Ravi
More information about the clamav-users
mailing list