> https://www.clamav.net/documents/file-hash-signatures
Need to clarify further based on the example in above link: so if I have the MD5 hash but not the malicious file itself, I'd add the MD5 value into a line in test.hdb & then run clamscan -d test.hdb / (ie scan for the MD5 in the entire server??) But what I need is to find out if the MD5 hash is already incorporated in our ClamDB (or is there a way for to trace back past virus-db releases) assuming I have not subscribed to one?? Sun _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
