Hi, > In addition, there a brilliant Third-Party signature decoder here, which > will easily show you the content of the Third-Party signature, > just cut/paste or type in the signature name and it'll decode it: > > http://www.sanesecurity.com/clamav/decodesigs.htm
Some time ago I was trying to decode a third-party signature, and this above link was helpful. It seems I'm having difficulty with another one, however. I tried the link above, and it doesn't seem to decode it. I also came across a reference to doing this from the command line, and receive an error using this method too: # sigtool -fwinnow.malware.47853 | sigtool --decode-sigs ERROR: decodesig: Invalid or not supported signature format TOKENS COUNT: 3 Isn't that the proper way to do this? Just running sigtool returns: # e42724a855ce18d0890c15f2805769db:15872:winnow.malware.47853 Ideas greatly appreciated. Thanks, Alex _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
