jimswen
Joined: 19 Jun 2013
Posts: 0
Posted: Wed Jun 19, 2013 8:48 pm
Hello. I've been using up-to-date ClamWin on my WinXP machine,
but lately I'm drowning in "Suspect.DoubleExtension-zippwd-15 FOUND" messages.
Something about scanning zip archives is generating false positives regularly.
If I manually extract the whole zip file, the resulting folder is always found to be clean.
I modified one such zip archive
(extract, remove both shortcuts, ".txt.lnk" and ".pdf.lnk", re-zip),
and then it scanned as clean.
(The targets of those shortcuts were also included within the archive.)
I made a complementary modified archive,
removing all items except the shortcuts, the targets, and the folders they were in.
The targets were eviscerated, reduced to a few readable text bytes each.
It remained SUSPECT.
So I think the scan is objecting to any shortcut stored in a zip archive.
This is going to be a problem for me if that message cannot be suppressed.
I tried adding an exclusion for "*.lnk", but the SUSPECT message remained.
Am I missing something?
GuitarBob
Joined: 09 Jul 2006
Posts: 9
Location: USA
Posted: Wed Jun 19, 2013 10:17 pm
The detection is actually for a zipped file that contains a double extension. In other words, something like filename.txt.lnk. I see this detection frequently when working signatures for malware. A double extension used to be very indicative of malware, but lately lots of legitimate files seem to be using double extensions (including Microsoft). They should not be using double extensions, as a double extension was one of the first heuristics employed by the antivirus companies. However, they often ignore security implications (heavy packing, sloppy .dll files, etc.) and make it difficult for the AV companies.
I suggest you exclude the exact double extensions you do not want scanned in ClamWin's Preferences, Filters, Exclude Matching Filenames. Use *.1stExtension.2ndExtension. Examples: *.txt.lnk and *.pdf.lnk. That should solve your problem. It's probably not a good idea to exclude all double extensions.
Regards,
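A small illustration of the heuristic GuitarBob describes, added here and not code from ClamWin or from either poster: it lists zip members whose name ends in a document extension followed by a shortcut or executable extension (the `.txt.lnk` and `.pdf.lnk` cases from the thread), then drops any that match exact double-extension exclusion globs such as `*.txt.lnk`. The extension lists, the sample archive and the glob matching are assumptions made for the demonstration, not ClamAV's own signature or ClamWin's filter implementation.

```python
import fnmatch
import io
import zipfile

# Constructed sample archive: ordinary files plus the ".txt.lnk" and
# ".pdf.lnk" shortcuts described in the thread, and a harmless .tar.gz.
def build_sample_zip() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "plain text (constructed)")
        zf.writestr("docs/readme.txt.lnk", "shortcut to readme.txt (constructed)")
        zf.writestr("docs/report.pdf", "%PDF-1.4 (constructed)")
        zf.writestr("docs/report.pdf.lnk", "shortcut to report.pdf (constructed)")
        zf.writestr("archive.tar.gz", "not really gzip (constructed)")
    return buf.getvalue()

# Assumed lists for the demonstration: a "document" extension immediately
# followed by an "active" one is what the heuristic treats as suspicious.
ACTIVE_EXTS = {"lnk", "exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js"}
DOC_EXTS = {"txt", "pdf", "doc", "docx", "xls", "jpg", "png"}

def is_double_extension(name: str) -> bool:
    """True for names like report.pdf.lnk; False for archive.tar.gz."""
    parts = name.rsplit("/", 1)[-1].lower().split(".")
    if len(parts) < 3:
        return False
    return parts[-2] in DOC_EXTS and parts[-1] in ACTIVE_EXTS

def scan_zip(data: bytes, exclusions=()) -> list:
    """Return member names that trip the heuristic and match no exclusion glob."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or not is_double_extension(info.filename):
                continue
            base = info.filename.rsplit("/", 1)[-1].lower()
            # Exact double-extension globs, as the reply suggests (*.txt.lnk).
            if any(fnmatch.fnmatch(base, pat.lower()) for pat in exclusions):
                continue
            hits.append(info.filename)
    return hits

if __name__ == "__main__":
    sample = build_sample_zip()
    print("no exclusions:", scan_zip(sample))
    print("with exclusions:", scan_zip(sample, ["*.txt.lnk", "*.pdf.lnk"]))
```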