Signature Format - arlotalkington/Virus-Be-Gone GitHub Wiki

Virus Be Gone Wiki: Signature Format

What Are Signatures?

Signatures are the core of Virus Be Gone’s virus detection system. Each signature is a unique pattern or hash that identifies a known malware or virus. The scanner compares files against these signatures to detect infections.

Signature File Location

Virus Be Gone stores signature files in the signatures/ folder inside the program directory.

Signature File Format

Each signature file is a .json. The general format for a signature line is:

  {
    "hash": "395d094ab3c1bd35e6e697c883428f8b23efe8bf4669a359ff252fdefb4b0ae6"
  }

How Signatures Are Used

During scanning, Virus Be Gone reads all signatures from the signature files.
It compares files against the signature patterns based on their type.
If a match is found, the file is flagged as suspicious or infected.
Matched signatures are logged with their description and ID for reference.

Adding Custom Signatures

You can add your own signatures by editing or adding new files inside the `signatures/` folder following the format above.

Tips for Signature Management

Keep signature files updated regularly for better protection.
Use clear descriptions to help identify threats quickly.
Test custom signatures carefully to avoid false positives.

Troubleshooting

If signatures aren’t loading, check that the files are correctly formatted and saved in the signatures/ folder.
Avoid duplicate signature IDs to prevent conflicts.