I got bitten by this too in jessie-updates (after wasting some time being *sure* local signature I was just creating at the time made clamd crash silently)...
I did: rm -f /var/lib/clamav/*.yar (just removing "antidebug_antivm.yar was not enough) and put: enable_yararules="" in /etc/clamav-unofficial-sigs/user.conf and after restarting clamd, it seems to work fine... Hopefully it won't download them again. Still wondering how much of protection is lost without YARA rules? _______________________________________________ Pkg-clamav-devel mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-clamav-devel
