 |
 | On-access scanner |  |
|
dr.yak
|
|
Altough the ClamAV engine it self doesn't have a On-Access scanner, there exist some programs that can hook system calls and run the scanner before each execution (functionning as a "On-Access" layer between Windows and ClamAV).
It would be good if a few of them were mentionned on the main page, next to the messages that says that ClamWin doesn't do On-Access scans, so users may know what to do to get some On-Access functionnality. Example : https://winpooch.sf.net winpooch is an open-source application that, among other things, can hook Sys::Exec and run antiviruses (although it doesn't hook anything in case of DLL loading). I'm sure other users know other such programs for windows, and I'ld be nice to build a list of these. Also, a link to the https://addons.mozilla.org/extensions/moreinfo.php?id=771&application=firefox FireFox extension will be nice, at least until the extension https://www.clamwin.com/content/view/48/33/ gets into the clamwin package... |
|||||||||||
|
|||||||||||||
 |
| |
|
alch
Site Admin
|
|
Winpooch is not really suitable do to it's technical limitations. I won't go into technical details here, contact me if you need more info why is it not suitable. Firefox Glue also has a drawback where if you select to execute a file instead of saving it then the file will run before being scanned. We will not include this plugin until we can find a solution. |
|||||||||||||
|
|||||||||||||||
|
| |
|
dr.yak
|
|
I think you're referring to the fact that files are only scanned before running, and not all the other numerous way by which some code may end-up in memory (loadings DLLs, opening program file and directly reading them into memory, opening other data files that may contain code and/or exploits ("enhanced" format office documents), direct disk read/write, overwriting programm with malicious doe, etc...) or maybe also to the fact it only runs in Administrator mode : Yes, Winpooch and other such programs aren't the "Ultimate (tm) Perfect (r) Solution (c)". But, those softwares may provide a nice additionnal security feature. And I though maybe I'ld be nice to point to such solutions for people interested in them. |
|||||||||||||
|
|||||||||||||||
|
| |
|
alch
Site Admin
|
|
My opinion is that false sense of security is much worse then knowing you are unportected and behaving accordingly. Therefore such software will never be officially endorsed by clamwin. We do develop a comprehensive solution with on-access scanner instead. |
|||||||||||||
|
|||||||||||||||
|
| |
|
DGM
|
|
yes please
|
|||||||||||
|
|||||||||||||
|
| Winpooch | |
|
GuitarBob
|
|
Winpooch isn't stable on my Windows XP Media Edition SP2. Like most of the behavior blockers and other fancy stuff, the last beta edition wanted to be the main application and tiried to take over my computer.
ClamWin is on the right track. There needs to be an intelligent compromise with security software. In other words, it needs to provide protection for what a user is likely to encounter (not everything), without being overly intrusive and let the user perform normal operations. Regards, |
|||||||||||
|
|||||||||||||
|
 | On-access scanner | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.