TechQA.

Virus database main.cvd uncompression

1.8k views Asked by At

In my previous question (Hexadecimal virus signatures database), I asked where I can get a hex virus signature database, and the answer was: ClamAV. So I downloaded the "main.cvd" database and was told that it was a compressed tar file. I have two questions to ask:

  1. are the signatures in hex format (of course when uncompressed)?
  2. how do I uncompress the "main.cvd" file to view its contents, do i just rename it to main.tar and then uncompress it?
database virus-scanning virus-definitions
Original Q&A
3

There are 3 answers

1
Seif Shawkat On BEST ANSWER

I was able to do It by using a text editor and removing the first 512 bytes. Then renamed the file extension to .tar.gz and opened it using winrar

0
bng44270 On

I have found this one-line set of commands to work nicely:

xxd -ps -s 512 <CVD-FILE> | xxd -r -ps | tar -zx
1
Phil L. On

Run:

dd if=main.cvd of=clamav_main.tar.gz skip=1 bs=512
tar zxvf clamav_main.tar.gz
chmod 700 *

Related Questions in DATABASE

Related Questions in VIRUS-SCANNING

Related Questions in VIRUS-DEFINITIONS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions