I tried to post this in the Feature Request section, but it seems to be for moderators only.

One important feature I see missing is the clamdscan. This is a part of ClamAV, and is in win32/win64 builds of ClamAV, but not in ClamWin. The reason this is useful is because it would allow for scanning to be done via a remote scanner on the network. Since scanning is very CPU intensive, this would enable lightweight desktops to offload the scanning onto a single more powerful shared scanner machine.

It is also useful for things like virtualization. Since virtualization comes with a non-trivial performance hit it can be cheaper in terms of CPU to simply send the file to the host running clamd for scanning rather than doing it inside the VM context. Further, it seems silly to be wasting ~200MB of RAM per VM on clamscan when this could be centralized into a single location so much more efficiently.

This _can_ all be worked around - I can install a win32/win64 build of ClamAV, and in the configuration change the clamscan.exe path to clamdscan.exe in the ClamAV directory, with a configuration file set up to use a remote clamd server (TCPSocket/TCPAddr). It works fine, even though it throws warning about various options passed to clamscan that clamdscan doesn't understand. It just strikes me that since all the components to make this work are already there it would be pretty trivial to add this feature properly and remove the need for a workaround like this.

I believe the feature request has been disabled. I'm not sure, but I think there is a note somewhere there explaining how to report bugs/features. I have passed this post on to the developers. I understand that clamdscan also would be a preliminary step toward real-time scanning. Thank you.

Regards,

On-access scanning (sort of, almost) can be had using Clam Sentinel - this is what I use. I just find it preferable to do the scanning somewhere other than the local machine.

Yes, I've used Clam Sentinel since Andrea Russo first developed it, and I'm glad you are using it. The Clam Sentinel heuristic detections compensate pretty well for ClamWin's lack of on-access/Real-time scanning and over-reliance upon basic signatures. Sentinel works best at detecting downloaded malware files or malware that doesn't execute too quickly. There can be a bit of a detection gap for fast-acting malware.

Regards,

The last post on the Requests forum gives a location for future items. See it at https://forums.clamwin.com/viewtopic.php?t=51 on these forums.

Re: Clamd, according to Sherpya there are some problems with implementing it due to some present ClamWin features/code, but it works pretty well (although not thoroughly tested) on his Clam AV Windows port. Perhaps that port could become the basis for a new ClamWin.

Regards,