Hi, I get in trouble with the following virus signature:
virus was found: Oversized.PDF As I can see, the "virus" is triggered by pdf.c in conjunction with maxratio config parameter. Until today there has been only (and many) false positives according to this alert. Is there a way to disable or bypass the problem? I don't want to increase the maxratio-parameter to unlimited because it controls zip-files as well. I've got the problem since 2007-02-10. Maybe there is a special signature involved? Can I disable a special signature? Thanks a lot, Urs Here is my config information: ------- clamd daemon 0.91.2 (OS: linux-gnu, ARCH: i386, CPU: i386) Running as user clamav (UID 103, GID 104) Log file size limit disabled. Reading databases from /var/clamav Not loading PUA signatures. Loaded 293678 signatures. Unix socket file /var/run/clamav/clamd Setting connection queue length to 30 Listening daemon: PID: 8437 Archive: Archived file size limit set to 134217728 bytes. Archive: Recursion level limit set to 32. Archive: Files limit set to 4096. Archive: Compression ratio limit set to 999. Archive support enabled. Archive: Blocking archives that exceed limits. Algorithmic detection enabled. Portable Executable support enabled. ELF support enabled. Mail files support enabled. Mail: Recursion level limit set to 16. OLE2 support enabled. PDF support enabled. HTML support enabled. Self checking every 1800 seconds. ------- -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
