It's many past years now I was not sure but I'm sure now....
This is the major problem that cause clamwin cannot detect many files.

I'm very surprise why clamwin didn't get fix this? or is that no one notice this gap yet?
At first I was doubt that my malware files might mocking my Clamwin.
or my file names are too long over 10 characters that cause Clamwin jump off & missed scanning?

I've scanned the folder that contain 341 of suspicious files they scanned only 45!?!
When I pick scanning mannually Clamwin can detect some Adware.
sample like I pick 4 installers that contain somoto adware among 341
Clamwin can detect somoto adware all 4 of them.... But when I scanned folder that have these files Clamwin Cannot
Is this a bug or something? Seems Clamwin have a problem about scanning a lots of files in folders

The previous clamwin client was detected better than 0.98, 0.97 but I cannot remember which older version already
Because It's too long to remember. But I remember that Clamwin use to be scanned better.
But the new version cannot scan even a single one because it jumped off over scannings.
You should fix this point it's very very important.

When you scan one file with ClamWin, the file extension (.exe, .dll, etc.) does not matter. When you scan a folder with ClamWin, it scans only those extensions that you have configured it to use in the configuration menu--configure ClamWin, filters, scan only matching filenames. Perhaps this is why malware is not detected when you scan a folder. Also, if you have configured ClamWin to exclude a folder from scanning, it will not be scanned.

ClamWin uses the virus/malware signature database from the Clam AV project. It also uses the Clam AV scanning engine. ClamWin will detect files that have a signature in the Clam AV database. If there is no signature for a file, it will not be detected--even if the file is infected with malware.

A few years ago, viruses/malware was not changed very often, but it is changed very often now--sometimes hourly for some malware, and at least every 2 or 3 days for most malware. It is changed so often that ClamAV does not get signatures fast enough to detect a lot of new malware. The signatures in its database is for malware that was submitted a week or two ago. By that time, ClamWin gets a signature for a malware from Clam AV, it is old and the virus writers have a new version for which there is not yet a signature.

Clam AV uses only signatues--it does not have any heuristics (scientific guesses) to detect new malware, so ClamWin can not detect new malware either. The Clam Sentinel project (also free, open source like ClamWin) lets you scan in real-time with ClamWin, and it also has heuristics to detect lots of new malware for which there is no Clam AV signature. The Clam Sentinel site is at https://sourceforge.net/projects/clamsentinel/ on the web.

Regards,

You see.....
1. cannot detect a virus <<< I already plan to submit files to ClamAV analysis later
2. But cannot scan all files are different<<< and I've to discuss this with clamwin
and what I'm talking about is cannot scan all files behaviour.

Beside I'm already configured about .exe already nothing changed I've test & found out that:
1. Select All(Ctrl+A) will not able to scan all files.
2. Scan by select Click+Shift successfully at 250 files per scanning selecting.
or should I say Clamwin cannot exceed over 250 files per scanning by Click+Shift.
3. ClamWin cannot scan non unicode character yet it will report error cannot scan.
Which these behaviour is something need to do fix with ClamWin.

About clamsentinel knowledge I already have that thank you.
But I prefer on demand scan because I'm a virus tester not an End-User.
If I activate my current real time antivirus they'll quarantine 30% of my malware files & I'll not able to list the malware files.

About cannot detect a new virus doesn't matter we can
improve by submit a new malware & update Clamav virus database.
I've collections of malware to submit to ClamAV analysis later.
That's why I need ClamWin to scan all files correctly
So I can list the detect spilt away from undetect and submit those undetect to ClamAV later.

Regards

I worked viruses for Clam AV for 5 years as sigmaker without any ClamWin scanning problems. I do not use shortcuts or the command line with ClamWin--I scan with the mouse or scheduled scan. Set up a virus test folder, exclude the folder from your other AV tools, and exclude the ClamWin signature and quarantine folders from them also. Also exclude the test folder from Clam Sentinel if you do not want it to bother you. Copy virus files (zipped/password protected) to the test folder. Set ClamWin to quarantine. Unzip virus files in the test folder and do a manual scan with ClamWin. ClamWin will quarantine detected files--the unzipped files in the folder will be undetected, so yo can send them to Clam AV. You can restore files from ClamWin quarantine as needed. Use a subfolder under the test folder to keep other tools--debugger, hasher, etc.

Unicode: the ClamWin developers usually rely upon Clam AV for detection capabilities, and Clam AV has not seen fit to improve Unicode detection. Clam Sentinel does at better job at that--including the Unicode extension reversal trick.

Regards,