First off thank you to all the folks who are developing clamwin. I am impressed how actively it is receiving updates.

I currently have it installed on 5 or 6 machines at my workplace and I was wandering if the strategy I developed is good one.

I have CW updating it's database once a day and then automatically running a scan twice a day. I am not sure if I should have it set to automatically remove virus's. If I just quarantine the virus's I am correct that this places them in a folder that renders them useless unless moved back out of that folder?

I had the following error messages (see below) after running CW and this is the reason I asked all the above questions. Just some things you should know about this computer. It is a server we do not use MSSQL so I am not sure why it said it can't open these files. Also as you can see in the log file it deleted 4 virus's from the clamwin quaratine folder. That is because I had the box checked that said move viruses to the quarantine folder.



--------------------------------------

Scan started: Thu Aug 17 07:12:32 2006





C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060803-080003-00.hdmp: Removed

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-065146-00.hdmp: Removed

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-075100-00.hdmp: Removed

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060805-065152-00.hdmp: Removed

ERROR: Can't open file C:\pagefile.sys

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\priv1.edb

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\priv1.stm

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\pub1.edb

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\pub1.stm

ERROR: Can't open file C:\Program Files\Exchsrvr\MDBDATA\tmp.edb

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\master.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\mastlog.ldf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\model.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\modellog.ldf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\msdbdata.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\msdblog.ldf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_Config.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_Config_log.LDF

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_OEMSBSCN-2267_1.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_OEMSBSCN-2267_1_log.LDF

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_swd01_1.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\STS_swd01_1_log.LDF

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\tempdb.mdf

ERROR: Can't open file C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Data\templog.ldf

ERROR: Can't open file C:\WINDOWS\NTDS\ntds.dit

ERROR: Can't open file C:\WINDOWS\NTDS\temp.edb

ERROR: Can't open file C:\WINDOWS\ntfrs\jet\ntfrs.jdb

ERROR: Can't open file C:\WINDOWS\ntfrs\jet\temp\tmp.edb

ERROR: Can't open file C:\WINDOWS\SoftwareDistribution\EventCache\6F17C922-6C96-448A-9771-BB476F8A8987.bin

ERROR: Can't open file C:\WINDOWS\system32\dhcp\dhcp.mdb

ERROR: Can't open file C:\WINDOWS\system32\dhcp\tmp.edb

ERROR: Can't open file C:\WINDOWS\system32\wins\wins.mdb

ERROR: Can't open file C:\WINDOWS\system32\wins\winstmp.mdb

ERROR: Can't open file C:\WINDOWS\Temp\LBB.tmp

ERROR: Can't open file C:\WINDOWS\Temp\LBC.tmp

ERROR: Can't open file D:\Shared\Installation schedule\Cabinet Makers Schedule\~WRL2534.tmp



C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060803-080003-00.hdmp: BeBe2 FOUND

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-065146-00.hdmp: BeBe2 FOUND

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060804-075100-00.hdmp: BeBe2 FOUND

C:\Documents and Settings\Administrator\.clamwin\quarantine\clamscan.exe.20060805-065152-00.hdmp: BeBe2 FOUND

-- summary --

Known viruses: 65452

Engine version: 0.88.3

Scanned directories: 7213

Scanned files: 71470

Infected files: 4



Data scanned: 84795.81 MB

Time: 31409.828 sec (523 m 29 s)LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-2d7527660f34c6c5\_r~\___



--------------------------------------

Completed

--------------------------------------

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-de177f7c339dc021\_15_\___

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-9fd04a2b923f208f\_15_\___

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-5c1148d1617ccad6\_15___\__M_

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-528633ab9b73cbc1\_r~\___

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-c1939e6905d644ab\_15___\__M_

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-7f51d574c9c31430\_15___\__M_

LibClamAV Error: ERROR: failed to create file: c:\docume~1\admini~1\locals~1\temp\1\clamav-65661f39974390aa\_15_\___

from the log fils there isn't anything suspicious. Some software will install MSSQL desktop engine without you knowing it, and if you use Sharepoint, then you definitely have a MSSQL database.