Ignoring Signatures

Unfortunately, some clamav signatures generate a lot of false positives such as the YARA docx_macro signature that just checks whether an office document contains macros regardless whether the macro is intentional or a virus.

To disable signatures, create a file in the clamav signature database directory (to be found on Debian at /var/lib/clamav/local.ign2) containing signature names line-by-line. For instance, to stop YARA from flagging office documents with macros as viruses, add the line:

docx_macro

to the newly created file.


fuss/clamav.txt ยท Last modified: 2022/04/19 08:28 by 127.0.0.1

Access website using Tor Access website using i2p Wizardry and Steamworks PGP Key


For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.