Doug thanks for your reply.
i read thru the file but still am not 100 percent sure will this be the command in case i want all zipped exe files to be detected as virus. i tried this command but does not work sigtool --md5 Ziptest:0:.*\.exe:*:*:*:*:*:* > virusexe.zmd can you please check the above and let me know thanks very much rajesh ps : i dont wish to use sanesecurity because it cause a lot of false positives in my email system. > You can use a zmd signature detailed in this doc: > http://www.clamav.net/doc/latest/signatures.pdf > > Here is an example signature for detecting files with the .sh extension: > Ziptest:0:.*\.sh:*:*:*:*:*:* > > - Doug > > > > On Tue, Sep 17, 2013 at 7:08 AM, Rajesh M <[email protected]> > wrote: > >> hi >> >> i wish to know the steps to prepare signature so that clamav will detect >> all zipped files containing files with extensions pif, scr, exe, com, >> bat, >> cmd, vbs, lnk, cpl, vbs as virus -- immaterial of whether they contain >> virus or not. >> >> what is the process for this. >> >> is there is any documentation which describes this ? >> >> thank you very much. >> >> rajesh >> >> >> >> >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net >> http://www.clamav.net/support/ml >> > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
