Hey folks,

Please read this, some mod on the MSFN forum has a negative stance re ClamWin, wondered what you thought of this, link to the thread is below.

https://www.msfn.org/board/index.php?showtopic=127720 https://www.msfn.org/board/index.php?showtopic=127720

All AVs have good points/bad points. Below is a link to a test of AVs from a few months ago by Virus Bulletin. The test included Clam AV (which provides the engine for ClamWin). Clam found 88% of malware and 93% of spyware in on-demand scans, which is better than a few of the commercial AVs. I don't consider this to be too bad, considering most of the development of Clam (and all the development of ClamWin) has been done by unpaid volunteers.

It's impossible to develop an antivirus that can compete with commercial programs under those circumstances. Certainly, until ClamWin goes real-time, you should use it as backup to a real-time scanner--either free or commercial. One thing I like about ClamWin is that it is not "bloated" like most of the commercial stuff, but it will be inefficient (from a programming standpoint) until its dependency upon Python is dropped.

ClamWin is dependent upon the technology behind the Clam engine, so its detection rates are similar; however, it can't take advantage of all the capabilities of Clam because Clam is designedfor the Linux environment, while ClamWin is used in the Windows environment. The malware is the same, but ClamWin could use a couple of heuristics designed for the Windows environment.

Here is the link to the test at https://www.virusbtn.com/news/2008/09_02 on the web.

Regards,

Hello All,
I totally agree with Bob. I am using Clamwin since version 0.90 and, from my point of view, it works just as most commercial AV's out there. If one checks on Clamav site one may find many educational and governamental institutions, as well as webhosting companies which are using Clam successfully (mainly for mail servers, but Clam can catch also other malware which is not normally spread via mail). For what concerns falsies I noticed that more or less all av's encouter this kind of problem, despite we are talking of paid software of freeware. I remember sometime ago AVG Free spotted as malware a file of XP SP3 just downloaded from MS site...
What I am missing the most (as nearly all the people using Clamwin) is the real time scanning . Anyway if updates and scans are made regularly and surfing habits avoid visiting hazardous sites one can consider to be protected enough.
Moreover, latest version has reduced scanning version remarkably (scans of my C: drive takes now about 45 mins and it was about 60 mins till 0.93...).

Now I am experimenting using Clamwin only besides Threatfire (know I'll get a scolding from Bob for that... ), so far, no troubles.

Regards,
Antonio

Thanks again for the info guys.

Hi GuitarBob,

I am new to the Forum and have been reading some of the posts around the latest in virus etc protection. I currently have a free trial version of ESET Smart Security on my computer, recommended by the IT people at work, which I thought provided real-time antivirus, antispyware and firewall protection. Recently a friend using the AVG free version got a virus and had some troubles, which got be thinking about the issue of free v paid.

The post by GuitarBob on the above (detection rates...) subject suggested a look at the 'AV-Test release latest results', which I did, on Virus Bulliten, at https://www.virusbtn.com/news/2008/09_02 on the web.

1. Can someone tell me the difference between the (Home Version) of their ESET Smart Security and their ESET NOD32, as the difference sounds like jargon to me?
2. I always thought their product provided real-time protection, but according to the VB test results it got "O" (Zero) for the 'malware and ad-ware/spyware on demand' results. What does 'O' (Zero) actually mean compared to '--' (two dashes), I cant find an explanation for these short cuts? Am I reading this correctly?
3. GuitarBob suggested '...you should use it (ClamWin) as backup to a real-time scanner--either free or commercial...' The ESET (free version, and I assume the paid one will too) says that 'You must uninstall your existing antivirus solution before installing either ESET Smart Security or ESET NOD32 Antivirus', so how could I have them both running at the same time, as suggested, thanks?
4. The simple solution may be to use another paid? provider, that allows ClamWin to do its thing too, any suggestions please?

Thanks Guys,

Tom1950

Hello Tom1950,

I will try to provide some help till Bob is back on the forum.

-Eset Smart security is the complete protection suite (which packs together Antivirus, Antispyware & Firewall), while Nod32 refers only to the Antivirus Tool (basically Nod32 is a part of the suite).
-If I well understand you will have to read the results of the VB Test using the legenda at the bottom of the list. '0' does not mean 'zero' but reflects the percentage of the malware found (just as in some tests you get a 'A', 'B', etc score, depending on the quality of the results). Same for --
-The Eset notice about uninstalling existing av's refers to the fact that almost all av's have real time protection so if you are installing one more av with real time the existing one will detect it as a threat. Definitely it is not recommended to install two av's at the same time since this would lead to conflicts, each one recognising the other as a potential treat. So, no double protection but double trouble. However this is not happening with Clamwin since till now it has no real time protection module. You can just install it besides any other real time av. They won't conflict (of course, unless you launch a scan with both av's a the same time).

For commercial products, the difference between paid or free version is mainly about the variety of security tools available with the paid version, or extra option s (i.e. possibility to set security tools in your own language; free version have english by default; in some cases free av's provide only detection of threats but not removal, which become paid).

To stay on the 'free' side (only for personal/non commercial use) my suggestion for a security set would be:
-Antivurs: Avira Antivir Free
-Antispyware: Spybot S&D
-Firewall: Pc Tools Personal Firewall
... plus, Clamwin (of course )

Of course this choice reflects only my personal taste; you can find more suggestions on the AntiMalware Links page on Clamwin's website.

Hope this helps,
Antonio

Hello Antonio S,

Thank you for clarifying the Eset products and how the results of the VB test are interpreted - I missed the legend at the end of the report, much appreciated. Many reports I see have the legend at the beginning, so you know what they mean before you start.

You mentioned that some versions of free av's provide only detection of threats but not removal, which become paid. I am assuming that the Avira Antivir Free product you personally recommend detects and quarantines/removes. Also, do they provide quality backup?

As I understand it, the purpose of having the two av approach, is that if the 'main' one finds a virus and you want to check that it is not a 'false positive', that is, not really a virus but something quite ok and may be important to have has been interpreted as such, then you can do the other scan and if it also shows the same virus, it most likely is. You can then cleanse it, or quarantine it - which i see from posts is the preferred action, in case you have to restore it. Am I getting it right?

I get the feeling you prefer the free protection version compared to the paid ones, and also the individual product, compared to the bulk all-in approach?

Thanks again for yr help and hope you get a chance to answer my latest questions.

Tom1950

Hello Tom1950,

I can confirm Avira Antivir can detect, quarantine and finally remove infected files (if you wish to do so). Note that some infections are persistent and quite hard to eliminate so if 'clearing' with the ordinary tool fails you may try some of the solution suggested in the Antimalware Links page of Clamwin website.
The reason of having 2 av's installed than only one is simple; you can always make a double check on a suspect file before deciding what to do with it. Another resource is to upload suspect file to www.virustotal.com; this is free service where uploaded file are scanned by multiple svanning tools (around 30 av's); that become useful if thw 2 av's installed give 2 dofferent results, for instance. Note that for uploading on Virustotal you have a max. file size of 10 MB.
Further layer of protection: you may think to have your machine scanned periodically by on line scanners (for reference check always the antimalware Links page on Clamwin site).

For the last question; yes, I prefer to use single security products. Suites can integrate better but not all the tools of a suite have the same performance so I prefer to navigate among multiple choices and find out what suits me better. Apart from that, a complete suite is normally available for free only as a trial version (so for limited period of time); generally single tools are available as freeware with no limitations (except the one I lested below and of course some pop ups occurring when updating and asking you to upgrade to full paid version; you just can skip those and run your tools as usual).
Clamwin is an exception to that since it is free software; this means you will get updates and upgrades of product at no charge (with no ad as well). Of course, any donation to such a project (which is maintained by voluntary work) is welcome. I do this periodically as for me this is worth the case.

Regards,
Antonio

Hello,

another freeware solution for non commercial purposes is the latest AVG with spyware and antivirus protection. A complete internet security suite even for commercial purposes is provided by Comodo. They have a proven firewall included.

Regards

Freefighter

Which operating systems does this support?

To Starbound:

Comodo suite supports w2k, XP and Vista.

Thanks.

Hi Antonio S. and freefighter,

Thanks for the addtl info. I noticed Comodo was not listed in VB's test release, is that a good sign or not? About free firewalls, is Zone Alarm also ok (a few friends swear by it) or is it much of a muchness?

Am I right in saying the avira (and avg) free av's provide real time protection and regular auto updates? If not, and u have to do manual updates and regular scans, how often should these be done? Antonio, please advise about the updates and scans for the firewall and spyware programs you suggested?

Sorry about so many questions. Hope u get a chance to reply.

Is there a good not too technical article one can read about this whole malware etc process?

Thanks,

Tom1950

Hello Tom:

The U. S. CERT site has some good information about computer security, and it will inform you of widespread malware attacks, although it is kind of dry reporting. Here's the link to their reading room: https://www.us-cert.gov/reading_room/ on the web. You can bookmark it and read at your leisure.

Any of the large antivirus vendor websites will have current information about malware. Try the McAfee, Symantec (Norton), Trend Micro, or Kaspersky web sites.

The ClamWin Anti-Malware page also lists resources for help with information about malware and its removal.

Regards,

Hello Tom,

Avira and Spybot can be set both with real time protection and autoupdates. Also Pc Tools Personal Firewall is set by default for checking updates. Check for more info on relevant websites.
Both Avira and Spybot can be set for scheduled periodic scans. You just set up the period, they do the rest. A weekly scan of the entire machine could be a good routine work. However, scanning time may vary depending on quantity of files to be scanned and hardware configuration.

Btw, I am using Comodo Personal Firewall on my desktop (PC Tools Firewall on my laptop); in my opinion both of them are goods choices.


Regards,
Antonio