At 10:48 PM 6/1/2007, jef moskot wrote: >On Fri, 1 Jun 2007, Noel Jones wrote: > > Ok, I've narrowed it down to the following TWO lines in daily.wdb: > > X:http.//www\.ebay\.co\.uk.+:.+emailpics.\.ebay\.com:14- > > X:http.//info.citibank.com.+:https.//offer.citibank.com:14- > >I removed the files in the .inc directories and freshclam pulled down a >new main.cvd and daily.cvd. Deleting daily.cvd stopped clamscan from >dumping core for me. Quick and brainless, but the easiest move to make >when in Panic Mode. > >Not ideal, obviously.
So you're having this same problem? If you remove daily.cvd you won't be protected from a large number of current viruses; far from idea. I used sigtool -u to unpack daily.cvd, then hand-created a daily.inc directory with all the unpacked files, then hand-edited daily.wdb to remove the offending lines. Oh, and then moved daily.cvd out of the way. I've disabled freshclam for the night so my hand-crafted .wdb won't be overwritten, and will revisit this tomorrow. -- Noel Jones _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
