clamav-users June 2010 archive
| Main Archive Page > Month Archives > clamav-users archives |
Re: [Clamav-users] PUA.HTML.Infected.WebPage-1
From: Steve Basford <steveb_clamav_at_nospam>Date: Thu Jun 03 2010 - 12:57:02 GMT
To: "ClamAV users ML" <clamav-users@lists.clamav.net>
>
> You can use 'sigtool -fPUA.HTML.Infected.WebPage' to find and print the
> sigs, no need to unpack.
Also works for:
sigtool -fSanesecurity.Phishing.Fake.13780 | sigtool --decode-sigs
Could a --database type option be added to sigtool, for loading databases
outside the normal DatabaseDirectory area from the clamd.conf file?
Cheers,
Steve
Sanesecurity
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml