...
|
...
|
@@ -199,6 +199,16 @@ Default: 2048
|
199
|
199
|
Detect Possibly Unwanted Applications.
|
200
|
200
|
.br
|
201
|
201
|
Default: No
|
|
202
|
+.TP
|
|
203
|
+\fBExcludePUA CATEGORY\fR
|
|
204
|
+Exclude a specific PUA category. This directive can be used multiple times.
|
|
205
|
+.br
|
|
206
|
+Default: Load all categories (if DetectPUA is activated)
|
|
207
|
+.TP
|
|
208
|
+\fBIncludePUA CATEGORY\fR
|
|
209
|
+Only include a specific PUA category. This directive can be used multiple times.
|
|
210
|
+.br
|
|
211
|
+Default: Load all categories (if DetectPUA is activated)
|
202
|
212
|
.TP
|
203
|
213
|
\fBAlgorithmicDetection BOOL\fR
|
204
|
214
|
In some cases (eg. complex malware, exploits in graphic files, and others), ClamAV uses special algorithms to provide accurate detection. This option controls the algorithmic detection.
|
...
|
...
|
@@ -274,7 +284,7 @@ Always block cloaked URLs, even if URL isn't in database. This can lead to false
|
274
|
274
|
Default: no
|
275
|
275
|
.TP
|
276
|
276
|
\fBHeuristicScanPrecedence BOOL\fR
|
277
|
|
-Allow heuristic match to take precedence. When enabled, if a heuristic scan (such as phishingScan) detects a possible virus/phish it will stop scan immediately. Recommended, saves CPU scan-time. When disabled, virus/phish detected by heuristic scans will be reported only at the end of a scan. If an archive contains both a heuristically detected virus/phish, and a real malware, the real malware will be reported Keep this disabled if you intend to handle "*.Heuristics.*" viruses differently from "real" malware. If a non-heuristically-detected virus (signature-based) is found first, the scan is interrupted immediately, regardless of this config option.
|
|
277
|
+Allow heuristic match to take precedence. When enabled, if a heuristic scan (such as phishingScan) detects a possible virus/phishing it will stop scanning immediately. Recommended, saves CPU scan-time. When disabled, virus/phishing detected by heuristic scans will be reported only at the end of a scan. If an archive contains both a heuristically detected virus/phishing, and a real malware, the real malware will be reported. Keep this disabled if you intend to handle "*.Heuristics.*" viruses differently from "real" malware. If a non-heuristically-detected virus (signature-based) is found first, the scan is interrupted immediately, regardless of this config option.
|
278
|
278
|
.br
|
279
|
279
|
Default: no
|
280
|
280
|
.TP
|