[clamav-users] Continuous increase of startup time (is daily.cld broken?)
steveb_clamav at sanesecurity.com
Mon Oct 7 12:04:50 EDT 2019
On 7 October 2019 15:25:41 "J.R. via clamav-users"
<clamav-users at lists.clamav.net> wrote:
> I don't know how the viruses are tracked, but maybe to reduce size (if
> applicable) some of the more ancient viruses that only affect EOL
> operating systems (or programs that should have long since been
> patched) could be spun-off into a separate definition file (that could
> be optionally disabled)? Seems like it would be quite a waste of
> resources for most if there were like a million definitions that only
> affected Windows XP or Office 2003 or something like that...
If you also take a peek at hashes:
Number of hashes:
grep "130ae8f338cc705a26fa5fa635d8673a" daily.hsb
First Seen In The Wild ---> 2016-06-03 20:34:00
Last Submission ---> 2016-06-03 20:37:03
Document Name: Rotech AG_Faktur dot doc
So, is the above hash still relevant or should it moved into archived.hsb,
which by default doesn't load ?
Perhaps, daily.* are hashes up to a year old, main.* for hashes two years
old and everything else into archive.*
Or jsut drop document hashes over a year old ??
It's a difficult one to suit all uses of ClamAV I guess.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the clamav-users