Hi!
16-Янв-2005 16:56 [EMAIL PROTECTED] (Alch) wrote to
<[EMAIL PROTECTED]>:
>> - if ClamAV is required for ClamWin, why ClamWin points for bases into
>> empty directory under %windows% directory (to be precise, %windows%\All
>> Users\.clamwin\db) instead %ClamAV%\share\clamav?
(Note: ClamWin doesn't includes bases into distribution, whereas ClamAV
does - and there are no warnings about missing bases on site).
A> No it's all included in the setup. Don't mix two projects together -
A> they are mainatined by different people and have differnet goals. The
A> one form SOSDG is a command line distribution of ClamAV to be used in
A> scheduled jobs/ mail server scanning, etc. ClamWin is a user-friendly
A> (hopefully) set of GUI tools to work with clamav.
...which is built-in into Clamwin distributive?
A> And it has it's own
A> folder structure - there are good reasons for that. It sores common
"Sores"?
A> files (logs, virus database, quarantine) in a location suitable for a
A> multi-user environment (Windowss 2000, XP, 2003). This is done to enable
A> all users modify these files in the All Users profile location. Then it
A> stores user specific data (schedules and config) in user's personal
A> profile folder.
Ok, I see. I just never bother itself with multi-user configuration in
W98 on my machine.
A> Shared profile folder location is specified in:
A> "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\S
A> hell Folders", value "Common AppData"
A> Private profile folder locvation is specified in:
A> "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Sh
A> ell Folders", value "AppData"
Ok, I see. Will reconfigure this (I hope, Windows will not prevent me
on this, like it restores path to %windows%\fonts directory).
>> - may I remove %windows%\All Users\.clamwin tree (after configuring my
A> Yes you can as long as it isn't mentioned in your config.
Fine.
>> - where ClamWin stores options? After configuring directories
>> %clamwin%\bin\clamwin.conf wasn't changed.
A> In you profile folder, see "Private profile folder location" above
A> (usually C:\WINDOWS\Application Data\.clamwin).
Yes, I found this after writing this letter.
A> %clamwin%\bin\clamwin.conf is used as a setup template in a multiuser
A> environment - it is copied for every new user into his/her profile
A> folder.
Ok.
>> - who and why creates c:/cygwin/tmp (I mean: is it safe to remove this
>> directory?)? (BTW, %ClamAV%readme-win32.txt mentions TMPDIR environment
>> variable; why to introduce another variables, when there is TEMP and TMP)?
A> This is not created by ClamWin. Maybe it's SOSDG distribution. %TMPDIR
A> is used by clamav and is a standard UNIX tempdir variable.
But I install ClamAV under _Windows_. Probably, this issue (wrong
environment variable usage under Windows) should be fixed in ClamAV?
>> - does "Archives/DoNotExtractMoreThan" option mean, that clamav/clamwin
>> tries to unpack all archive before checking files in this archive (instead
>> checking each file from archive on the fly)?
A> No. It checks files one by one but may stop after specified number fo
A> foiles to prevent DoS.
Hm. Not understand this reason (for partial archive checking). May you
explain it more deeply?
>> - why while (slowly!) loaded "Clamwin Preferences" window, second selection
>> of "Configure Clamwin" menu topic opens second Preferences window?
A> Don't see anything wrong with that.
Two Preferences window? "Nothing wrong"? Definitely wrong.
More notes:
ClamWin
- when I press Stop when scanning, I get message, similar to message from
Task Manager, when it tries to close unresponded (frozen) application.
- with Show Only Infected Files option GUI shows nothing when scanning, thus
it looks like frozen (except animation on left side); without this option
set, log file permanently cleared (because log file becomes over 1Mb) and
there are no indication of current status (how much found, how time
estimated, etc).
- final log doesn't shows which target was scanned.
ClamAV (engine)
- which archive formats are supported (beside ZIP and RAR2)?
- which exepacker formats are supported (UPX? PKLITE? DIET? etc?)?
- how viruses scanned - is there (1) plain signatures search (search of
substrings in files), (2) "templated" (regular?) signatures search, (3)
polymorhic search (for selfmodifying code)? Is there CPU emulation engine?
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
