IMHO that doesn't answer the question. When I see a message like:

/path/to/file: Win.Exploit.Unicode_Mixed-1 FOUND

sigtool can only tell me how that signature is defined, i.e. what content it considers malicious. In order to decide on an appropriate course of action I'd like to know what the perceived threat is, i.e. *why* someone thought that a file matching that particular signature would be malicious. That's not something sigtool can provide.

On 28.06.2018 at 13:22, Maarten Broekman wrote:
> Answered
>
> TL;DR
>
> Use sigtool to find and decode the signature.
>
> Sent from a tiny keyboard
>
>> On Jun 28, 2018, at 06:57, Nikita Yerenkov-Scott <[email protected]>
>> wrote:
>>
>> Hello,
>>
>> A question on this matter exists on this Linux site:
>> https://askubuntu.com/questions/571342/clamav-virus-detections-documentation
>> However it never received an answer. So I am wondering if there is an
>> answer to that now or how things work? And if there are any plans to
>> regulate the signature names so that they are more regular and people
>> actually know what they mean. This would be highly useful especially
>> to those wanting to remove any trouble the viruses may or may not have
>> caused after ClamAV quarantines them.
>>
>>
>> Thanks,
>>
>> Nikita Yerenkov-Scott
>> _______________________________________________
>> clamav-users mailing list
>> [email protected]
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml

--
Tilman Schmidt
Head of System and Network Engineering
Tel. 0221 / 95 64 95 .417
Fax 0221 / 95 64 95 .999
e-Mail [email protected]
cardtech Card & POS Service GmbH
Richard-Byrd-Straße 37
50829 Köln
www.cardtech.de
AG Köln, HRB 20164
Managing directors: Dr. Dietrich Gottwald, Christof Kohns, Jens Mahlke
