Sigtool clamav

Posted on 2007-09-30
Last Modified: 2013-11-22
how to use Sigtool.
I found a sample for sigtool. but I cannot understand.
I know sigtool is used to generate virus signature , how can I prove it from clamav.

Test Data For the virus to be detected during the testing, the content of packet sent must match the data in the database directory. using the ClamAV sigtool this can be done

  sigtool --unpack-current daily.cvd
using sigtool generate the hex for the data to be sent

  sigtool --hex-dump
  output is 76697275732E3239352E620a
This signature can be stored in daily.db file in the format below

MalwareName=HexSignature using prefixes like DOS, Trojan, Worm etc for virus names. Example

     DOS.vs.295b (Clam)=76697275732E3239352E62
Question by:llvllar1on
    1 Comment
    LVL 10

    Accepted Solution


    Consult this file:


    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
    UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now