Recent changes to feature-requests

#12 Monitor only certain folders

lwc — Sun, 13 Oct 2019 05:56:05 -0000

I'm willing to settle for the basic function of scanning new files I download manually...

How many signatures do other leading antiruses roughly release every day?

#12 Monitor only certain folders

lwc — Sat, 12 Oct 2019 19:08:25 -0000

What do you mean "Clam Sentinel is unable to detect most of the malware since
2014"? Clam Sentinel is not an an antivirus, ClamWin is. Sentinel is just a way to launch ClamWin to scan new files.

All we ask is to only launch Sentinel for specific folders.

#12 Monitor only certain folders

dma — Sat, 12 Oct 2019 09:02:57 -0000

I would also like this feature to be implemented, being able to choose directories that only have to be monitored for scanning.
Because it's not conceivable to exclude all folders adjacent to Firefox folder one by one in user files directory, for example.

Use clamd daemon for scanning

Wed, 01 Jun 2016 08:12:52 -0000

I've been using ClamWin for a while. On old system with Windows XP Clam Sentinel is very slow in detecting threads, also takes a lot of CPU usage. Lately I found out how to configure clamd daemon to work as a Windows Service. The basic features work with Clam Sentinel, but most of the parameters are different. Though with the clamd daemon loaded to memory the detection is really fast, it instantly reacts and causes less cpu activity. Can you make Clam Sentinel work with clamd or make the used scan engine settings more configurable? i used this: http://oss.netfarm.it/clamav/

Include a changelist for each new version

lwc — Sun, 14 Dec 2014 00:02:00 -0000

There's currently no way to know what's the difference between old and new versions.
It would be handy to know if and which features were added to new versions.

Thanks!

Make the reporting balloons clickable

lwc — Sat, 21 Jun 2014 11:02:00 -0000

Please add the ability to click reporting balloons.

At the very least, I think clicking the balloons should open the relevant folder and select the reported file. You can accomplish that with this command:

explorer.exe /select,

For example, if the infected file is c:\foobar\infected.txt, then run the following command when the balloon is clicked:

explorer.exe /select,c:\foobar\infected.txt

In case you've just quarantined the infected file, the clickable balloon could use this command (assuming quarantined files are located in c:\quarantined):

explorer.exe /select,c:\quarantined\infected.txt

#13 Disable suspicious origin

Timberwolf Programmers — Sat, 10 May 2014 17:35:29 -0000

Anything? Updates? Something?

#13 Disable suspicious origin

Timberwolf Programmers — Thu, 27 Mar 2014 09:56:50 -0000

My problem is that all MSI installers have their files quarintined, that is if I have quarintine set, for suspicious origin, even Microsoft's. And any download gets it, the download could be anything from an image to a simple text file let alone an exe. I am a programmer and when I build something, it give it the same status. I think it would be better if it scans anything with supicious origin, rather than auto-assume it's infected.

Sincerely,
Patrick Thomas (Timberwolf)
Timberwolf Programmers Owner & Founder

Disable suspicious origin

Timberwolf Programmers — Thu, 20 Mar 2014 01:59:24 -0000

Disable suspicious origin

#7 Ask the user what to do when virus is found

ctrl — Mon, 10 Mar 2014 20:08:55 -0000

I beg to differ: the EICAR test string is of course executable and that's exactly its peculiarity. It has been designed to be easy to copy and paste because it's a sequence if ascii chars, but it's a "regular" com file using int21 to write to stdout. It doesn't run anymore on x64 architecture just because NTVDM is missing there, but still runs on 32 bits and displays a text string in console.

It is not harmful, right, but all av software detect it as a regular threat because it's a test, otherwise it wouldn't be useful at all, and so does clamav, of course:

dario@sandy:~$ clamscan /tmp/vtest.com
/tmp/vtest.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 3233585
Engine version: 0.97.8
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 4.688 sec (0 m 4 s)

So I don't know if clamsentinel has some specific logic on the EICAR test, but I don't see why it should. I thought this program was there to fill the gap between clamav and a windows native antivirus, since clamav lacks a realtime scanner. So as a consequence I imagined it would lock access to files waiting for clamav clearance, but since it doesn't with EICAR (I was able to save the file on my pc with clamsentinel active and then run it), I guess I misunderstood and it's not the way it's meant to be, my bad.