[clamav-users] Question about .cvd files

Al Varnell alvarnell at mac.com
Thu Apr 13 03:23:45 EDT 2017


Modifying those databases will invalidate their code signing so you would also have to modify the scanning software to ignore security, which would be difficult at best and obviously not a good idea. 

You would also have to filter out all the non-windows signatures every time there is an update, which is currently three times a day.

-Al-

On Wed, Apr 12, 2017 at 10:56 PM, crazy thinker wrote:
> 
> Hi All,
> 
> I would like to install ClamAV for Windows Desktop Operating System. I know
> that ClamAV Official Database (.cvd files) contains all kinds of malware in
> terms of platform specific (Linux,UNIX,Unix Like) in single
> file(s)(daily.cvd ,main.cvd)  and i heard that unix malware can't effect
> windows machine  or vice versa. so i would like to separate the windows
> malware signatures from ClamAV Official database and add them in custom
> virus database to optimize the  virus database size and to improve windows
> malware detetcion faster.
> 
> if my thouhgts and  understanding is wrong, please correct me
> 
> Any help and suggestions would be appreciated on this
> 
> On 13 April 2017 at 05:52, Dennis Peterson wrote:
>> The ClamAV product is designed to be used for real time detection with
>> mail transport agents and to respond on detection. These mail transport
>> agents are capable of delivering malware that will run on any architecture.
>> In a perfect world everyone that runs an MTA would test outbound mail for
>> malware and block before sending. But that doesn't happen and so we use
>> ClamAV for inbound mail for self-protection. Since email service providers
>> cannot predict what architecture their users are using they use tools that
>> try to protect every architecture and the signatures provide that support.
>> 
>> dp
>> 
>> On 4/12/17 9:13 AM, crazy thinker wrote:
>>> Hi ClamAV  Developer, users
>>> 
>>> I have below Questions on ClamAV Virus Database
>>> 
>>> 1.what information bytecode.cvd contatins?  and how it is useful in
>>> malware
>>> detection?
>>> 
>>> 2.Why not ClamAV release virus databse in terms of platform specific like
>>> Windows,Linux,Mac OS X,Androind,BSD etc? is there any logic behind this?
>>> 
>>>  3.How to  separate malware  signatures  based on target operating system
>>> to optimize database size?
>>> 
>>> Could Anyone of you please help me in this.....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20170413/457c5a3c/attachment.bin>


More information about the clamav-users mailing list