Hello, sometimes clamav is to rigorous and "kills" some uploaded php-files where no malware can be found. but in this case i want to stop a specific directmailer (spam) with russian origin from being uploaded. File was submitted already but seems not to be included in official malware. Now i did my own signature with:
sigtool --md5 malwarename > malwarename.hdb Now is the question whats the best way to do my own signatures? If i add some whitespace to malware the md5 signature seems to not fit and malware is not found. Thanks, Andre _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
