 |
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
 Posted: Mon May 05, 2008 4:07 am |
|
 |
 |
|
|
Could be--the file appeared to be obfuscated when I opened it in Notepad. At any rate, Clam recognized it as malware when scanned from the Windows Explorer context menu, but when I activated the .exe in my virtual machine, ClamMon checked and said it was okay. Evidently, the monitor wasn't using the full Clam library like the clamscan was.
I guess we'll just have to wait for version 1.0.
Regards,
|
|
|
|
whitequark
| Joined: 19 Jan 2008 |
| Posts: 0 |
|
|
|
| Posted: Mon May 05, 2008 9:22 am |
|
|
|
|
|
No, it injects it's library in each process and intercepts CreateProcess* functions. Only reason I know is the national encondings - I do some reconding and it works for Russian cp1251, but I don't know about other codepages...
GuitarBob: hmm, using full clam library? I can post the source, maybe I do something wrong, for example loading the db?
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Mon May 05, 2008 1:00 pm |
|
|
|
|
|
Well, in the current version 0.93 the DB files have different names now, and there are only two files. The daily DB file is now called daily.cld. The main DB is main.cvd, but I think it will change to main.cld when it is changed to include the daily.
I will not be much help with the source code--I'm not a programmer.
Regards,
|
|
|
|
maciekpl
| Joined: 30 Apr 2008 |
| Posts: 0 |
| Location: Perth |
|
|
| Posted: Mon May 05, 2008 1:10 pm |
|
|
|
|
|
Post the source, I'll be happy to check it out and lend a helping hand if you need it.
|
|
|
|
bubzie11
| Joined: 25 Sep 2008 |
| Posts: 0 |
| Location: none |
|
|
| Posted: Thu Sep 25, 2008 9:31 am |
|
|
|
|
|
| whitequark wrote: |
An update.
This version was tested on 5 computers during 2 months and a) did not caused any errors b) catched all viruses which was downloaded from internet, started from flash sticks (around 10). Also I made ClamMon real service (without srvany), a nice installer and added cache for checked files - now it firstly checks MD5 of file and if it wasn't found in cache scans it.
It ever did not conflicted with AVP on my computer  |
bubzie11:
This is a virus i downloaded it and avast professional picked it up as a winshock trojin |
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Thu Sep 25, 2008 3:11 pm |
|
|
|
|
|
I understand the developer has stopped his work on the program.
We are better off waiting for the resident/realtime/on-access version of ClamWin (development continues--no release date).
Regards
|
|
|
|
sherpya
| Joined: 22 Mar 2006 |
| Posts: 0 |
| Location: Italy |
|
|
| Posted: Thu Sep 25, 2008 6:29 pm |
|
|
|
|
|
url removed
|
|
|
|
mnr
| Joined: 03 Oct 2008 |
| Posts: 0 |
|
|
|
| Posted: Fri Oct 03, 2008 11:13 pm |
|
|
|
|
|
Just an idea I don't meet yet in any commercial AV software: add option not to scan files that current user can't write. What this mean? In my network I have many windows workstations where users have very restrictive permissions, and the places where users could write limited to user profile and some network shares. There is no mutch sense to check every file -- we need only scan those that user have write access. I think, such option will improve performance.
|
|
|
|
sherpya
| Joined: 22 Mar 2006 |
| Posts: 0 |
| Location: Italy |
|
|
| Posted: Sat Oct 04, 2008 12:52 am |
|
|
|
|
|
I've removed links to be sure since of some reports in this post, but the files do not look suspicious to me
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Sat Oct 04, 2008 3:25 pm |
|
|
|
|
|
MNR: With the ClamWin configuration options, you can manually configure Clamwin to exclude certain directories from scans done at each of your workstations, and you can also configure it to scan only for files with extensions that you select.
Regards,
|
|
|
|
mnr
| Joined: 03 Oct 2008 |
| Posts: 0 |
|
|
|
| Posted: Sat Oct 04, 2008 3:57 pm |
|
|
|
|
|
| GuitarBob wrote: |
| MNR: With the ClamWin configuration options, you can manually configure Clamwin to exclude certain directories (...). |
Thanks, I know it. But it's duplication of effort: first administrator set rights on filesystem, and than he must mirror them in such exclusion list.
The point is, this exclusion list could be generated as sheduled job. But in that case it could be per-user. |
|
|
|
vitamin0s
| Joined: 20 Mar 2009 |
| Posts: 0 |
|
|
|
| Posted: Thu Apr 09, 2009 3:18 pm |
|
|
|
|
|
Hello all,I just wanted to introduce myself,I am new here and I hope to have a very nice time on this forum.
|
|
|
|
DGM
| Joined: 26 Dec 2006 |
| Posts: 0 |
| Location: Indianapolis, Indiana |
|
|
| Posted: Sun Sep 27, 2009 5:57 am |
|
|
|
|
|
can we get this intagrated in to clamwin
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 3 of 3
|
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
| |
