 |
 | Excludes using clamscan |  |
|
sg08234
| Joined: 06 Apr 2019 |
| Posts: 0 |
| Location: Berlin |
|
|
 Posted: Sat Apr 06, 2019 2:30 am |
|
 |
 |
|
|
I found many different answers on how to exclude filres and/or directories:
Why does the follwoing command (test example) does not exclude the files/directories as entered:
"c:\r_sps\progs\ClamWinPortable\bin\clamscan.exe" "c:\Program Files (x86)" --recursive --memory --stdout --database="c:\r_sps\progs\ClamWinPortable\db" --infected --exclude="c:\Program Files (x86)\AutoIt3\Uninstall.exe" --exclude="c:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\32BitMAPIBroker.exe" --exclude-dir="c:\Program Files (x86)\AOMEI Backupper" --exclude-dir="c:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.6" --exclude-dir="c:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit" --exclude-dir="c:\ProgramData\Package Cache\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}v10.1.14393.0\Installers" --exclude-dir="c:\r_sps\progs" "c:\Program Files (x86)\Advanced BAT to EXE Converter PRO" --exclude-dir="c:\Program Files (x86)\AOMEI Backupper" --exclude-dir="c:\Program Files (x86)\AutoIt3" --exclude-dir="c:\Program Files (x86)\Windows Kits\10" --exclude-dir="c:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.6" --log="d:\temp\clamscan.log"
Many thanks - Michael
|
|
|
 |
| | |
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Sat Apr 06, 2019 2:31 pm |
|
|
|
|
|
I'm not much of batch programmer, but I suggest that you exclude the files you want in the ClamWin GUI and then check the exclude section in the Clamwin configuration file. Below is mine:
excludepatterns = *.tbb|CLAMWIN_SEP|*.pst|CLAMWIN_SEP|*.dat|CLAMWIN_SEP|*.log|CLAMWIN_SEP|*.evt|CLAMWIN_SEP|*.nsf|CLAMWIN_SEP|*.ntf|CLAMWIN_SEP|C:\Users\Bob's LG Gram\AppData\Local\Programs\Opera\57.0.3098.110\installer.exe|CLAMWIN_SEP|C:\USERS\BOB'S LG GRAM\APPDATA\LOCAL\PROGRAMS\OPERA\57.0.3098.116\INSTALLER.EXE|CLAMWIN_SEP|C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\INSTALL\AM_DELTA_PATCH_1.*.EXE|CLAMWIN_SEP|C:\USERS\BOB'S LG GRAM\APPDATA\LOCAL\VIRTUALSTORE\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\*|CLAMWIN_SEP|C:\WINDOWS\SOFTWAREDISTRIBUTION\DOWNLOAD\*
Does this give you any ideas? There is a |CLAMWIN_SEP| between each item excluded.
Thanks for using ClamWin!
Regards,
|
|
|
|
| | |
|
sg08234
| Joined: 06 Apr 2019 |
| Posts: 0 |
| Location: Berlin |
|
|
| Posted: Mon Apr 08, 2019 2:57 am |
|
|
|
|
|
Thanks to your suggestion I established an tested the following rules:
:: --- _R_VIRENSCAN_EXCL_FILES (--exclude): Exclude-Strings (Dateinamen/-patterns in Hochkommata, relative Pfade, \\ statt \, durch "," getrennt)
:: Beispiele: "*.tmp"
:: "*.tmp","LoadDrv.exe"
:: "temp\\virus.tmp"
:: Leer oder nicht definiert: Kein File-Exclude
:: --- _R_VIRENSCAN_EXCL_DIRS (--exclude-dir) : Exclude-Strings (Verzeichnisnamen/-patterns in Hochkommata, relative Pfade, \\ statt \, durch "," getrennt)
:: Achtung: Subdirectories werden nicht berücksichtigt!
:: Beispiele: "temp\\Test_Virenscan\\*"
:: "temp\\Test_Virenscan1\\*","temp\\Test_Virenscan2\\*"
|
|
|
|
| | |
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Mon Apr 08, 2019 2:53 pm |
|
|
|
|
|
I'm glad it worked for you..
Remember that the ClamWin developers recommend that we use ClamWin only as a backup scanner to a real-time antivirus for best protection when you are on the web. ClamWin is not doing much development (at the moment it is several versions behind the Clam AV engine we use), and the signatures we get from Clam AV are primarily for Linux email servers.
By the way, do you think it is possible to write a new GUI for ClamWin using a scripting language (like Python maybe)?
Thanks for using ClamWin!
Regards,
|
|
|
|
| | |
|
sg08234
| Joined: 06 Apr 2019 |
| Posts: 0 |
| Location: Berlin |
|
|
| Posted: Tue Apr 09, 2019 1:19 am |
|
|
|
|
|
Yes - I use clamwin (clamscan) only as a backup scanner to a real-time antivirus.
I already encountered the problem that the signature seem to be old respectively not Windows-adjusted. Can you recommend another backup scanner?
As I am only interested in using clamwin vir CLI (clamscan) I can't say anything conerning a new GUI for ClamWin. My main interest is an actual public malware Windows based scanner (see above).
Regards - Michael
|
|
|
|
| | |
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Tue Apr 09, 2019 1:52 am |
|
|
|
|
|
The Clam AV signatures are just not enough to provide users with good protection against today's malware. It is getting harder for a true free AV to keep up with it, so I think that ClamWin will probably be the last public malware Windows based AV scanner. I do not know how much longer it will be around--probably not long. Almost all of the other "free" AVs target their users for something (ads, browser installs, GPS location, software used information, etc.)
Microsoft's free (for personal/light business use) Windows Defender (Security Essentials on older computers) is a good scanner, and it is being constantly improved behind the scenes. If you still want to use it with another primary AV, you can schedule a Windows Defender scan from the Security Dashboard interface via the Windows Defender Antivirus Options. It is just as good as most of the other AVs. Another good backup scanner is Malwarebytes Free. Also, Dr. Web's CureIT can clean up almost any infection. It is free, but it is not updated after installation, and you have to download a new version every few days.
Regards,
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
| |
