Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

ClamAV For Windows Open Beta Begins

timothy posted more than 3 years ago | from the pssst-your-os-is-showing dept.

Windows 127

An anonymous reader writes "The public beta for ClamAV for Windows 3.0, which includes full integration of the ClamAV engine into the Immunet Protect product, is now open. If you are interested in playing with ClamAV for Windows 3.0, please see these forums. 32-bit and 64-bit versions are available for download. ClamAV for Windows should not be confused with ClamWin, a separate project."

Sorry! There are no comments related to the filter you selected.

Huh... (5, Funny)

amnesiacopera (1748256) | more than 3 years ago | (#34897438)

Will it run on Windows 3.1 as well?

Re:Huh... (0)

Anonymous Coward | more than 3 years ago | (#34897496)

Wait, let me tweak my config.sys so that I have extra space in my 640kb space to load himem.sys. If that's not enough I can probably squeeze a few more kb from the I/O address space....

Re:Huh... (2, Informative)

Anonymous Coward | more than 3 years ago | (#34897814)

himem.sys is what allows you to load stuff into extended memory, thereby providing more free conventional memory. You would never need to make extra space for it.

Re:Huh... (0)

Anonymous Coward | more than 3 years ago | (#34899314)

Huh? Sure you could. himem.sys has a portion that loads in conventional memory. I mean, you should be able to trade a bunch of conventional memory for that part himem.sys by loadhighing other programs. But you can definitely be in a situation where you've filled up so much of the first 640K that you can no longer load himem.

Re:Huh... (1)

Anonymous Coward | more than 3 years ago | (#34899386)

himem.sys is the first driver to be loaded if you are planning to use XMS at all. Only a fool would load a bunch of drivers into conventional memory before loading himem. A typical config.sys using XMS would look something like this.

device=C:\himem.sys
dos=high,umb
devicehigh=c:\bin\d011v109.sys /D:MSCD001 /M:1
devicehigh=c:\zansi.sys
files=20
buffers=40
lastdrive=e

Nobody who knew anything about DOS would ever try to load those other drivers (in this case, CD-ROM and ANSI drivers) before loading himem.

Re:Huh... (1)

black6host (469985) | more than 3 years ago | (#34898660)

Not only that but you can peek and poke to get just the perfect color scheme :)

Re:Huh... (1)

BatGnat (1568391) | more than 3 years ago | (#34898822)

If you want the most space use QEMM.

But seriously, upgrade to OS/2 Warp will you....

Re:Huh... (0)

Anonymous Coward | more than 3 years ago | (#34897706)

Only in 386 Enhanced mode.

Wrong way around. (2)

BrokenHalo (565198) | more than 3 years ago | (#34897860)

A way cooler project might be to backport all those nice new viruses to run on Windows 3.x. Just think of all those people who are missing out.

Re:Huh... (1)

xactuary (746078) | more than 3 years ago | (#34897846)

Will it run on Windows 3.1 as well?

That's exactly how I read it. lol.

Re:Huh... (0)

Anonymous Coward | more than 3 years ago | (#34897848)

Sheesh, you people. Why would you switch from something that works? Windows 3.0 runs just fine and uses less resources. Not only that, but I question the need for a virus checker. It's been a long time since I've seen viruses and worms written for Windows 3.0. It's pretty safe these days.

Re:Huh... (1)

antdude (79039) | more than 3 years ago | (#34900056)

Nah, Windows for Workground v3.11 and Windows 3.2 [wikipedia.org] . ;)

Re:Huh... (0)

Anonymous Coward | more than 3 years ago | (#34900138)

Will it run on Windows 3.1 as well?

DOS version too? ;-}

Editing mistake? (5, Informative)

froggymana (1896008) | more than 3 years ago | (#34897454)

From TFA "ClamAV 3.0 for Windows Open Beta", not "ClamAV for Windows 3.0" as the summary states.

Re:Editing mistake? (2)

Shikaku (1129753) | more than 3 years ago | (#34897504)

It's not incorrect to say ClamAV for Windows 3.0, but it's much less confusing to say ClamAV 3.0 for Windows.

Re:Editing mistake? (1)

froggymana (1896008) | more than 3 years ago | (#34897564)

ClamAV for Windows 3.0 would be correct if it were for that specific version of Windows, but it is referring to the version of ClamAV which runs on an unspecified version of Windows.

Re:Editing mistake? (1)

mehrotra.akash (1539473) | more than 3 years ago | (#34897588)

It gets confusing ..
is it
(ClamAV for Windows) 3.0
OR
ClamAV for (Windows 3.0)

Re:Editing mistake? (1)

froggymana (1896008) | more than 3 years ago | (#34897674)

Oh that makes more sense... People need to learn to use grouping parenthesis more often in their writing/typing :)

Re:Editing mistake? (1)

noidentity (188756) | more than 3 years ago | (#34899804)

If the name of the product were "ClamAV for Windows", then it would be correct, though confusing, to call it ClamAV for Windows 3.0.

when product branding goes wrong (0)

Anonymous Coward | more than 3 years ago | (#34897490)

Shouldn't it be titled ClamAV 3.0 for Windows? I doubt its for Windows 3.0.

Re:when product branding goes wrong (1)

Atti K. (1169503) | more than 3 years ago | (#34898174)

Yeah, cause it would make so much sense to make an antivirus for Windows 3.0... In 2010, that is.

Re:when product branding goes wrong (1)

BlueScreenO'Life (1813666) | more than 3 years ago | (#34901040)

Yeah, cause it would make so much sense to make an antivirus for Windows 3.0...

Yeah that's right. Just run it under DOS 6.22, which comes with its own antivirus msav.exe.

What is the Immunet product and why should we risk (4, Funny)

Anonymous Coward | more than 3 years ago | (#34897516)

Could someone enlighten us what the Immunet product is? Their web page is so full of cloud computing and other buzzwords that I can't see what's different from other vendors tools

Re:What is the Immunet product and why should we r (2)

Spad (470073) | more than 3 years ago | (#34898930)

The Immunet Community has over 0 members protected from 0 threats.

Whatever it is they do, the Immunet Community appears to rely too much on Javascript.

Clam. What's that? (0)

Anonymous Coward | more than 3 years ago | (#34897518)

And what this ClamAV thing is? One word or two maybe?

Re:Clam. What's that? (5, Funny)

KugelKurt (908765) | more than 3 years ago | (#34897542)

An anti virus application for Windows 3.0

Re:Clam. What's that? (0)

Anonymous Coward | more than 3 years ago | (#34897580)

Then I guess it's a little outdated. Who runs Windows 3.0 these days? Some ATM maybe.

Re:Clam. What's that? (1)

KugelKurt (908765) | more than 3 years ago | (#34897968)

No, they run Windows 3.11 because they require that "for Workgroups" feature.

Re:Clam. What's that? (2)

Atti K. (1169503) | more than 3 years ago | (#34898224)

Yeah, some mod could mod this funny, but it's actually sad but true... for some older ATMs at least. Nowadays I see quite a few running XP (you can see that on the back screen, if the ATM is in a place where you can see its back). But a few years ago I've seen a crashed ATM and it had plain MS-DOS. Then I remembered that I've used once an ATM of that particular bank, and that it seemed to me that the fonts looked just like the BGI fonts (Borland Graphics Interface - those who used Borland Pascal/C++ during the '90s know what I'm talking about), so I'm pretty sure that ATM was running plain DOS with some graphical app coded in Borland Pascal or C++ on it.

Re:Clam. What's that? (1)

neumayr (819083) | more than 3 years ago | (#34898420)

I thinks it's sadder when an ATM runs XP. Those things handle sensitive data and should be kept as simple as possible, as more code always implies more bugs, no matter who's code it is.

An ATM running DOS would generally feel more trustworthy to me than one running XP.

Re:Clam. What's that? (0)

Anonymous Coward | more than 3 years ago | (#34899408)

Thereby giving the ATM application direct access to the hardware, that's a great idea! :/

Re:Clam. What's that? (1)

neumayr (819083) | more than 3 years ago | (#34900576)

Why wouldn't it be? The application takes only very well defined input and the hardware is known. I don't see any problems.

Re:Clam. What's that? (0)

Anonymous Coward | more than 3 years ago | (#34898104)

I think it is an anti-viral medication for chlamydia. Although since chlamydia is bacterial I don't know why they need an anti-viral.

Wasted effort? (-1)

Anonymous Coward | more than 3 years ago | (#34897574)

ClamAV for Windows 3.0

Wouldn't it be more prudent to develop an anti-virus product for a current version of Windows?

On Slashdot? Really? (1)

neumayr (819083) | more than 3 years ago | (#34897610)

Sure, it's something to make fun of, Windows 3.0 and all that. But advertising an anti virus product beta on Slashdot's main page? C'mon.

ClamAV is a big deal (4, Informative)

iYk6 (1425255) | more than 3 years ago | (#34897664)

ClamAV is an open source anti-virus. That's a pretty big deal, considering it is the only one. Or at least, the only one that is complete and still maintained.

Were you being sarcastic, or did I miss a joke?

Re:ClamAV is a big deal (1)

neumayr (819083) | more than 3 years ago | (#34897676)

It's an open source product? Okay, then I guess I see the relevance. Sorry, my bad.

They could have mentioned that in the summary though..

Re:ClamAV is a big deal (0)

Anonymous Coward | more than 3 years ago | (#34897724)

They also forgot to mention in the summary that Windows is proprietary software.

Re:ClamAV is a big deal (1)

ziggyzaggy (552814) | more than 3 years ago | (#34897996)

oh no! and here I thought redmond was just being slow making my source printout request as per GPL 2. You really know how to pop someones bubble. Now what am I going to do about my nifty custom .bat file with included Windows 2008 Server R2 that's been so popular on megaupload?

Re:ClamAV is a big deal (4, Informative)

rubycodez (864176) | more than 3 years ago | (#34897836)

ClamAV's main use is the Unix/Linux/BSD version for running on mail servers, but it also has the cool mode of scanning directory trees on a samba file servers for Windows clients. The virus definition databases it uses are updated multiple times a day and are automatically downloaded. I have several customers that have been using it for years, it does catch the bad wares and moves bad files to a holding directory. It understands the common archival and compression, executable, and document formats.

http://www.clamav.net/lang/en/about/ [clamav.net]

Re:ClamAV is a big deal (1)

black6host (469985) | more than 3 years ago | (#34898738)

I assume you're using it to scan files on a predetermined schedule? If so, obviously you would not be able to comment on real time protection (upon file access.) I take it you're satisfied though with the scanning and detection abilities. Please correct me if I'm wrong. This (CLAMAV for Windows) piques my curiosity though as currently I use, and some of my clients as well, MS Security Essentials. This is ok in a business environment with 10 or fewer computers but some of my clients, who can't afford at the moment anything else, need something free they can run on their workstations. A server/client based solution is not an option. No Exchange or web server in-house and the server is never used for web access or anything else on-line other than MS updates and our firewall is pretty good. It will be interesting to see how this pans out. I really need a free solution for workstations only in a corporate setting.

Re:ClamAV is a big deal (0, Interesting)

Anonymous Coward | more than 3 years ago | (#34899156)

Files should be scanned on creation, not access. Why let a bad file get downloaded, written to disk and sit around, just so you can scan EVERY GODDAMNED FILE on access?

Re:ClamAV is a big deal (2)

black6host (469985) | more than 3 years ago | (#34899830)

First, I think you took my part about access a bit too literally. Of course files should be scanned upon first encounter. Second, if files get on a system with a new exploit that hasn't hit the virus def file yet, I'd rather it get caught at some point, and in the real time protection scenario it will be picked up on access if it's not caught sooner (provided the virus defs have been updated to pick it up.)

Lastly, no need for swearing and all those caps. One can make a point without doing so and polite discourse if my preferred mode of communication. Of course, it takes all types and the net certainly makes it easy to do as you please. One does not stay a member of most forums on the net without a thick skin though so have your say :)

Re:ClamAV is a big deal (1)

rubycodez (864176) | more than 3 years ago | (#34900686)

correct that file scans are scheduled, but that fits with the clients use of batch reception of scanned and pdf medical documentation.

They use a multi-tiered approach to security that also includes Fortigate and the free AVG windows client.

Re:ClamAV is a big deal (1)

black6host (469985) | more than 3 years ago | (#34901020)

The Fortigate looks good at first blush (haven't used one personally.) I've become rather not fond of AVG, I got more support calls from family who I used to recommend AVG to, related to AVG, than anything else. Mostly, the update nagging and seemingly absolutely immediately required upgrades to the latest, greatest version. That plus every time I used to instruct them on how to download it they were always tripped up by all the BS that came along with the download page. Really unobtrusive free download off to the side or the much larger, screaming in your face button which of course was either the non-free version or some other unneeded security product. That plus very recently AVG missed something on a family member's system and I had to do the clean up. It was MS Security Essentials from then on. Still, doesn't work from a licensing perspective in a business with greater than 10 systems. Still looking.....

Re:ClamAV is a big deal (1)

tgd (2822) | more than 3 years ago | (#34898446)

And? MS Security Essentials is a zero-cost option as long as the OS isn't pirated.

If you're not in a free-as-in-whatever-the-OSS-people-are-calling-free-like-beer-or-whatever OS, why do you need AV that is?

Not sure I get it. I can totally buy an OSS virus scanner for an OSS OS, or an OSS virus scanner for a non-OSS OS that has no free options, but Windows has a free option that comes from the people who wrote the OS.

Re:ClamAV is a big deal (1)

beardz (790974) | more than 3 years ago | (#34898562)

And? MS Security Essentials is a zero-cost option as long as the OS isn't pirated.

It's a zero cost option even if the OS is pirated.

Re:ClamAV is a big deal (1)

melstav (174456) | more than 3 years ago | (#34898900)

Microsoft pushes "Critical" security updates for their software so frequently it isn't funny. And that's not even taking into account vulnerabilities they go out of their way to actively keep quiet [slashdot.org] . Do you REALLY want to trust *THEM* to provide you with the software that's supposed to keep the *rest* of their library secure?

Re:ClamAV is a big deal (1)

QuoteMstr (55051) | more than 3 years ago | (#34899054)

Oh, for fuck's sake, have you seen LWN's "security" page? Every week, there's some remote code execution vulnerability or another. At least distributions regularly push updates --- Apple usually waits for its next minor release. I'm sick and tired of this puerile and reflexive Microsoft-bashing.

Re:ClamAV is a big deal (1)

asdfghjklqwertyuiop (649296) | more than 3 years ago | (#34900604)

The joke is that virus scanners in general tend to be jokes.

Re:On Slashdot? Really? (1)

bcmm (768152) | more than 3 years ago | (#34898208)

ClamAV is an open-source AV system. The reason a Windows version is news is that it's usually run on Linux systems, especially mail servers.

Will it run on ReactOS? (1)

Anonymous Coward | more than 3 years ago | (#34897620)

People waiting to follow the only worthy upgrade from XP want to know ;)

Re:Will it run on ReactOS? (4, Funny)

AndGodSed (968378) | more than 3 years ago | (#34898644)

Well, first you have to get ReactOS to run...

Summary is incorrect (0)

Anonymous Coward | more than 3 years ago | (#34897720)

This software will not run on Windows 3.0

Re:Summary is incorrect (1)

KugelKurt (908765) | more than 3 years ago | (#34897946)

Oh no, I was just about to insert the first of my Win3.0 720Kb setup floppies to give ClamAV a spin.

Mmmmm Clams (0)

Anonymous Coward | more than 3 years ago | (#34897738)

"ClamAV for Windows should not be confused with ClamWin, a separate project." and to those of us that know nothing of either it should not be confused with regular clams that taste great with a little melted butter.

Seriously I know that submissions aren't edited but telling us what ClamAV does/is would be helpful.

Re:Mmmmm Clams (1)

ffreeloader (1105115) | more than 3 years ago | (#34897986)

Yeah, having to use Google to figure out something you don't know is so hateful and discriminatory.... ;)

Re:Mmmmm Clams (1)

Teun (17872) | more than 3 years ago | (#34898360)

What's this google?

Re:Mmmmm Clams (1)

grcumb (781340) | more than 3 years ago | (#34899352)

What's this google?

Same as that Google, only closer.

Re:Mmmmm Clams (1)

ziggyzaggy (552814) | more than 3 years ago | (#34898028)

you're a bit ambiguous yourself, are your "regular clams" the underwater or bearded variety, i.e. are you buttering and tasting marine bivalves or vulvas?

Re:Mmmmm Clams (0)

Anonymous Coward | more than 3 years ago | (#34898400)

Actually, it's neither. "Clams" are a commong slang word for scientologists. May xenu live forever..

ClamAV engine poor at general malwre detection (4, Informative)

throwaway18 (521472) | more than 3 years ago | (#34897792)

The clamAV engine is designed for scanning incoming email. These days any sensibly configured email system deletes all email with any forum of executable attachment before it gets anywhere near the end users so email scanning is a bit of a niche market.

The ClamAV engine may be good at email scanning but that does not mean it is good for general malware scanning. Clamwin, which uses the clamAV engine in a general windows malware/virus scanner has very poor detection compared to the top few antivirus packages (Eset Nod32, AVG, kaspersky, avira paid version, panda).

Malware delivered via the web is the main source of the epidemic of crap on the windows platform these days. In geek circles I feel like a suspected plague carrier because I carry a windows laptop instead of running ubuntu or carrying an apple.

I do nearly all my browsing in windows virtual machines. The basic firefox only VM is little trouble. A vm with flash player, Sun java, acrobat reader, dotnet addon etc results in the "whats all this network traffic, shit the VM is sending spam" or "popups WTF?" every few months, followed by going back to a known good copy of the VM and redownloading lots of updates.

Over that last year I'v uploaded a couple of dozen malware .exe's from the web to virustotal, (mostly attempts to exploit user ignorance that didn't getting running on my machine eg desirable-file.pdf.exe). I keep the exe's and check how long it takes for AV companies to add detection. Kaspersky and AVG usually add detections within 36 hours, avira is usually "next day" provided next day is monday-friday.
Half the time Clamwin does not detect the malware and typically takes a couple of weeks to start detecting my sample if they get it at all.
I have little confidence in another package using the clamAV engine doing any better.

Also the ony real cleanup response for malware arriving by email is 'delete', removing malware that has installed itself into windows takes much more work. A of people rely on antivirus software to clean up messy infections instead of being organised enough to have current backups and known-good images of every machine.

Re:ClamAV engine poor at general malwre detection (4, Insightful)

Frosty Piss (770223) | more than 3 years ago | (#34897950)

The clamAV engine is designed for scanning incoming email. These days any sensibly configured email system deletes all email with any forum of executable attachment before it gets anywhere near the end users so email scanning is a bit of a niche market.

Maybe end users WANT the freedom to be able to attach executables? Who says all email users (or even most) are like you?

Now, of course, I'm not talking about the rubes that clicky on any linky or attachment in their email, but you know, *I* want the ability to send *any* type of file I choose to a recipient that might be expecting said file...

Re:ClamAV engine poor at general malwre detection (4, Insightful)

mspohr (589790) | more than 3 years ago | (#34898200)

And unfortunately, the range of attachments which can be considered "executable" (on Windows) is very large. I recently encountered a company that would not accept a PDF file email attachment because of the perceived danger. No doubt the danger is real on Windows but this should prompt some more intelligent countermeasures (such as better pdf readers, virus detection, or getting rid of Windows).

Re:ClamAV engine poor at general malwre detection (1)

Lennie (16154) | more than 3 years ago | (#34898680)

Judging by a recent 27c3-presentation, I have some doubts a good PDF reader actually exists. The format is such a mess I can't believe it:

http://www.youtube.com/watch?v=54XYqsf4JEY [youtube.com]

Re:ClamAV engine poor at general malwre detection (2)

aztracker1 (702135) | more than 3 years ago | (#34898718)

The holes are in the Adobe Acrobat Reader, and exist on linux as well whenusin adobe's reader, which many on linux don't, just the same, the security hole isn't only in windows.. also, you can run a botnet node in user space on linux too.

Re:ClamAV engine poor at general malwre detection (1)

mspohr (589790) | more than 3 years ago | (#34900410)

Yeah, it is theoretically possible to run a botnet in userspace in Linux and there was even an actual botnet that attacked some Linux based modems a few years ago using their default passwords. However, perhaps because it requires exceptional stupidity on the part of users (and their lack of access to root), there aren't any actual botnets in the wild running on Linux. Just happy the I run Linux and Mac and don't have to worry about malware. I'm happy to leave the malware battles to the Windows users.

Just last week I was diving and shared some photos with another diver. He was running Windows and my memory card came back with a virus. Of course it wouldn't run on Linux and I just deleted it but it's any ugly world of Windows out there.

Re:ClamAV engine poor at general malwre detection (0)

Anonymous Coward | more than 3 years ago | (#34899022)

Do they instead insist sending them documents in word format? (rolls eyes)

Re:ClamAV engine poor at general malwre detection (2, Insightful)

Anonymous Coward | more than 3 years ago | (#34898030)

I work for a manufacturing software company and we deliver products by email every day. We rarely have a problem because very few email systems mindlessly delete all executable attachments.

Re:ClamAV engine poor at general malwre detection (0)

Anonymous Coward | more than 3 years ago | (#34898118)

Quote
  Bollocks.
  Pretty well any half arsed corporate email system will automatically delete attachments that use a .exe extension and even any combination of the letters e,x & e. Don't be smart and use .sex either....

Pah.
These troll get everywhere...
I'm posting AC cause I work for a large three lettered software company.

Re:ClamAV engine poor at general malwre detection (1)

Sulphur (1548251) | more than 3 years ago | (#34898778)

I'm posting AC cause I work for a large three lettered software company.

FUD Inc?

Re:ClamAV engine poor at general malwre detection (3, Insightful)

bcmm (768152) | more than 3 years ago | (#34898226)

These days any sensibly configured email system deletes all email with any forum of executable attachment before it gets anywhere near the end users so email scanning is a bit of a niche market.

Where did you get that from? Remember that .doc is, potentially, an executable format (a Word macro can make arbitrary win32 API calls), not to mention the many exploits that rely on overflows in parsers of non-executable formats.

Re:ClamAV engine poor at general malwre detection (1)

snowgirl (978879) | more than 3 years ago | (#34899590)

Where did you get that from? Remember that .doc is, potentially, an executable format (a Word macro can make arbitrary win32 API calls), not to mention the many exploits that rely on overflows in parsers of non-executable formats.

So, now here comes the interesting tidbit of pedantry. A .doc file cannot, I repeat cannot, contain a macro.

What can contain macros are .dot files, or document templates. The problem is that .dots are virtually identical to .docs, and if you take a .dot and rename it with a .doc extension it will be indistinguishable from a proper .doc file, thus all these macro viruses spread by parading document templates as simple documents. If Word were just smart enough to recognize that it is opening a document template with the extension of ".doc" and throw up an error/warning message, macro viruses would hardly be a problem.

Re:ClamAV engine poor at general malwre detection (2)

fishexe (168879) | more than 3 years ago | (#34901070)

Where did you get that from? Remember that .doc is, potentially, an executable format (a Word macro can make arbitrary win32 API calls), not to mention the many exploits that rely on overflows in parsers of non-executable formats.

So, now here comes the interesting tidbit of pedantry. A .doc file cannot, I repeat cannot, contain a macro.

Are you sure [wikipedia.org] ?

What can contain macros are .dot files, or document templates. The problem is that .dots are virtually identical to .docs, and if you take a .dot and rename it with a .doc extension it will be indistinguishable from a proper .doc file, thus all these macro viruses spread by parading document templates as simple documents. If Word were just smart enough to recognize that it is opening a document template with the extension of ".doc" and throw up an error/warning message, macro viruses would hardly be a problem.

So how come when i add a macro and hit save, it directly produces a doc that contains a macro? I admit it's been a lot of years since I've done this, but I've never renamed a .dot to .doc or anything like that, yet I've opened up documents to which I've added macros and, lo and behold, the macros were still in there.

Re:ClamAV engine poor at general malwre detection (1)

bcmm (768152) | more than 3 years ago | (#34901074)

OK, so a genuine Microsoft Word document might not hold macros, but a .doc file most certainly can.

I know it's not the intended use, but as you say, a file ending .doc can contain any format recognised by Word and work as expected. This is in semi-common use for communicating with idiots who accept only Word documents, since Word will accept plain-text or RTF, which are both much easier to work with.

Re:ClamAV engine poor at general malwre detection (1)

neumayr (819083) | more than 3 years ago | (#34898500)

Wow. You sure are a malware magnet. Luckily it seems to fit your hobby.

Please be aware not everyone gets attacked as much as you do and the kind of organization you wield to protect yourself would be overkill for most people.

Re:ClamAV engine poor at general malwre detection (1)

nurb432 (527695) | more than 3 years ago | (#34899090)

In geek circles I feel like a suspected plague carrier because I carry a windows laptop instead of running ubuntu or carrying an apple.

So YOU are that guy..

Re:ClamAV engine poor at general malwre detection (0)

Anonymous Coward | more than 3 years ago | (#34900952)

ClamWin isn't developed by the ClamAV Team, so comparing ClamWin stats on detection and assuming they are the same as ClamAV is misleading.

If you look at ShadowServer stats ClamAV is always in the top 10 on 0-Day detections.

Additionally, the ClamAV 3.0 for Windows has multiple detection engines for detecting threats, not just the ClamAV engine.

Not getting it. (1)

Khyber (864651) | more than 3 years ago | (#34897964)

Just repaired a computer that had ClamAV installed.

It missed multiple trojans that Microsoft Security Essentials found.

Re:Not getting it. (2)

mick232 (1610795) | more than 3 years ago | (#34898160)

It's not enough to install it. You actually have to use it and keep it up-to-date!

Re:Not getting it. (0)

Anonymous Coward | more than 3 years ago | (#34898650)

I've submitted 100+ viruses from the wild to ClamAV using the online form. One year later, clamAV still can't detect the very samples I sent in. They are not keeping up.

Re:Not getting it. (0)

Anonymous Coward | more than 3 years ago | (#34898832)

[citation needed]

Re:Not getting it. (0)

Anonymous Coward | more than 3 years ago | (#34898968)

I suppose there is no citation I could give you that would make you believe. I suggest you submit samples yourself using virustotal and observe how long it takes until clamAV detects that sample.

Re:Not getting it. (1)

anomaly256 (1243020) | more than 3 years ago | (#34899572)

It has been my experience as well that clamAV and variants of it are in practice useless. Like, totally useless. I've never, ever, seen clam* successfully detect anything at all, even when up to date and used often. Even when pointed *directly at a known infected file with incredibly common malware/virii/whatever* it'll still say it's clean. When packages like that awful and bloated Nortons do a better job, I'm tempted to call clam* an outright hoax. Fire up avast!, detects it. McAffee, detects it. Nortons, detects it. Even an outdated version of CA's AV from 2001 detected it. Clam couldn't. :( This article is un-news.

Re:Not getting it. (0)

Anonymous Coward | more than 3 years ago | (#34898398)

Last I heard, it wasn't one of these bloated always running in the background type of scanners. It's one of those old school scanners that you have to actually update and run.

Also, I have seen Microsoft Security Essentials as well as a number of other tools find remnants of files and registry settings dropped by Trojans and virus that other security tools supposedly already cleaned the infections from. This doesn't mean the computer is currently infected or compromised in any way, it means it found crap that was put there by something deemed bad.

I'm not sure if you are experienced enough to ever come across this, but it's pretty common when running malware tools too. Judging from your post, I suggest you stick with it a while and you will see the obvious too.

Re:Not getting it. (1)

Khyber (864651) | more than 3 years ago | (#34898856)

It was fully updated and was ran before installing and running MSE, I did that myself to confirm viability of the installed anti-virus software.

It still missed simple shit from a year or more ago.

Sloooooowwwww..... (0)

ArchieBunker (132337) | more than 3 years ago | (#34898060)

Scanning files with ClamWin is about as fast as reading them yourself with a hex editor. I use Avast.

Re:Sloooooowwwww..... (0)

Anonymous Coward | more than 3 years ago | (#34900844)

ClamAV for Windows != ClamWin

ClamAV for Windows is a full fledge AV product. ClamWin is not.

Windows 3.0 - 64bit (0)

Anonymous Coward | more than 3 years ago | (#34898094)

I bet that's actually really fast.

Re:Windows 3.0 - 64bit (3, Funny)

TheRaven64 (641858) | more than 3 years ago | (#34898278)

I ran Windows NT 4 on a P166, dual-booting with DOS for games. I installed Windows 3.11 in DOS and it was amazingly fast, although running something designed for a 640x480 (16 colour!) display on a 1024x768 screen made it look a bit strange. Running on a modern system would probably be so fast that you'd barely have time to see the UI before you got the first general protection fault...

Re:Windows 3.0 - 64bit (1)

Khyber (864651) | more than 3 years ago | (#34898862)

I think it more likely you hit a divide overflow before you see a GPF.

Re:Windows 3.0 - 64bit (2)

snowgirl (978879) | more than 3 years ago | (#34899632)

I ran Windows NT 4 on a P166, dual-booting with DOS for games. I installed Windows 3.11 in DOS and it was amazingly fast, although running something designed for a 640x480 (16 colour!) display on a 1024x768 screen made it look a bit strange. Running on a modern system would probably be so fast that you'd barely have time to see the UI before you got the first general protection fault...

I've been stuck with an interesting dilemma a few times, where I installed a new hard drive into my netbook. Problem is, how do you install the OS? Well, the best option I had available at the time was to boot over the network with a virtual floppy and install DOS 7.0 on the machine. With that, I was actually able to at one point install Win 3.11, but the problem was that none of the drivers worked for the newer hardware, and the hardware had lost enough backwards compatibility to make the drivers that did exist not work. So, I was stuck with a vastly overspeced computer that couldn't even set the resolution above 640x480... :(

Re:Windows 3.0 - 64bit (1)

TheRaven64 (641858) | more than 3 years ago | (#34900100)

Are you sure? You probably have a setting for SoundBlaster emulation in the BIOS (I think it's not enabled by default now, because most stuff expects an AC97 interface, but it's possible to enable). Windows 3.1 also supported SVGA via VESA, which I think all modern graphics cards still support, although it didn't select that driver automatically. You won't get any hardware acceleration, but given that software drawing was fast enough on a 16MHz 386, that's probably not a problem...

I had no idea (2)

Beelzebud (1361137) | more than 3 years ago | (#34898162)

that there was a 64 bit version of Windows 3.0!

Re:I had no idea (1)

Teun (17872) | more than 3 years ago | (#34898406)

That's why we come here, to learn.

Re:I had no idea (1)

Sulphur (1548251) | more than 3 years ago | (#34898816)

that there was a 64 bit version of Windows 3.0!

It failed because of 64 bit viruses.

Differencer between ClamAV4Win and ClamWin (1)

djfuq (1151563) | more than 3 years ago | (#34898682)

Looks like these guys are packaging clamav with a real time scanner on Windoze. That was what made a different product (ClamWin) useless for end users because it didn't have a RTS.

ClamWin = what was out years ago and has no RTS
ClamAV for Windows = Attempt to add a RTS

Or am I missing something here?

How is this different from ClamWin? (2)

Andrioid (1755390) | more than 3 years ago | (#34899414)

I've been using ClamWin (http://www.clamwin.com) for years without any problems. Does anyone know the difference?

For Windows? (0)

Anonymous Coward | more than 3 years ago | (#34900020)

For Windows, aye? What else would an antivirus program be for???

ClamWin? (1)

scurvyj (1158787) | more than 3 years ago | (#34900660)

Where does this leave/put ClamWin then? I stopped using ClamWin because of the rising False Positives count, but then discovered all anti-virus manufacturers were suffering the same thing: the shitness of Windows.

Nowadays I just cautiously install and re-image from a backup every now and again.

A good free scanner would be good if the reliability is there (again).
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?