ePlaice / For the Best Software on the Net

Mainly Free and Open Source Software

Security Navigation

Virus | Spam | Firewall | Firewall Basics Configuring Firewall | Blocking IP's Spyware |

Valid XHTML 1.1

Latest news

08 Aug 2007: A new version 0.91.2 of Clamwin has been released with improved virus detection.

27 Apr 2008: AVG Free Edition 8.0.100 released with new interface and free anti-spyware.

Links:

Anti-Virus Software

Clamwin

Anti-virus checkers have been going for a considerable length of time. At first the only virus that the PC was likely to get was from a file imported on a floppy disk. However, since those early days it is much more likely that the virus will infect your computer via the internet. My early experience has been gained using Softwin's Bitdefender; there is a free lite edition at the Bitdefender website, and there is also a pro version with more features.

At the moment my preferred Anti-Virus program is AVG Free which after a trial period has proven it has all the features that should be present, uses a reasonable amount of resource and rates highly in terms of viruses detected. Previous to that I tried out Clamwin which is a free and open source virus scanner. My main concerns with Clamwin were the lack of real time protection and no automatic method of scanning email messages as they arrive which coupled with the rather slow scan speed made me look for an alternative. This means it doesn't show up on the Microsoft Security Centre, implying that you are not virus protected. Apparently this functionality will be added in the version 1.0 (date not known), then as far as I can see this would be a hard choice between it and AVG Free Edition which just runs in the background effortlessly. At the moment there is quite a lot of development going into new releases and it seems that the GUI frontend is due to have a revamp based on NET 2.0 Framework.

AVG Free Edition (Version 8.0)

I started off using AVG Free Edtion 7.5 and have recently moved on to version 8.0. This has an impressive list of facilities including the Resident Shield which gives real time protection and also appears in the Microsoft Security Centre as giving Anti Virus protection. In fact it now has all the features I was looking for (which are currently absent in Clamwin), plus some I am not so sure about. So far I am impressed with the speed of running full scans and the fact that the scan encompasses virus and spyware checks.

Real Time Protection

The Resident Shield protects your system against any bad file downloaded or indeed any existing file when you attempt to open or execute. It runs transparently in the background protecting your system against the virus from executing. It is unusual to find in a free anti virus program real time protection; one might have expected to find this in a the professional version, but I'm not complaining! I found Resident a bit of a nuisance when it objected to some of the Microsoft Silverlight files which have names like default.html.js, so in the end I just renamed these to default_html.js. Note that if the Resident does detect a virus you have to take your own action to remove the virus.

Safe Downloads

Version 8.0 does not provide safe downloads i.e. check all downloads for viruses. You have to pay for this feature if you really need this.

Anti-Virus and Anti-Spyware Scan

The scheduler automatically runs a full scan of the computer examining evey file on your PC. The scan time is obviously dependent on the number of files checked, but currently on my machine (Quad Core 6600) it checks about 29GB in 42 minutes, which seems acceptable to me at the moment. As a bonus the scan also includes check for spyware and it normally finds a variety of Tracking cookies which you can arrange to heal or move to the virus vault. A report is available for viewing at the end of the run, providing details of the scan, including total objects, infection found and spyware found and what action was taken.

Scheduler

The scheduler allows you to set up a full scan each day and check for database and software updates at certain fixed times. You can also schedule a scan to start on system startup if you miss the scheduled scan. With the professional version you have the ability to schedule your own user tests and apparently the update service runs a lot quicker, but I have to say the absence of neither of these have caused me problems. So far, I have not been able to continue a scheduled scan if it is interrupted - something that was available on the 7.5 version.

e-Mail Scanner

The e-mail scanner automatically checks all incoming and outgoing (optionally) e-mails for viruses and gives a little message at the bottom of the e-mail saying that AVG has checked it for viruses. All very reassuring and one of the things that I did not find with Clamwin.

AVG Link Scanner

The Link Scanner, which works in both Firefox and Internet Explorer 7, is a very nice idea but unfortunately has caused a lot of pain. The aim is that when you do say a Google search all the search items appear with either a tick inside a green star or a cross inside a red star or a grey question mark, advising you of which sites are safe to search and those sites which have potential malware. In Firefox this appears as an Add-On called AVG 8.0 Safe Search, but you will quickly find that that your searches take much longer and worse still you will get a lot of crashes in Firefox. It's no use sending the error report to Mozilla or to Microsoft (because the same problem occurs in IE7). The easiest way is to just disable this feature on the Firefox Add-Ins page. Hopefully, this error can be corrected, but I am not too convinced as I had exactly the same type of problem when I used Comodo Verification Engine.

Update Manager

There is an automatic update manager which provides daily updates to the virus database and from time to time you can receive updates to the AVG Software via the Update Manager (unless of course there is a major software upgrade - in which case it's best to uninstall and download the new version, as for example when going from version 7.5 to 8.0). It all seems to work smoothly, but recently I have found a whole lot of .bin files which must be associated with the updates in c:\Documents and Settings\All Users\Application Data\avg8\update\download\. I hope there is some auto cleanup of these files but am not convinced, so will have to start manually deleting the old ones soon.

Conclusions

Even if this was not a free product I consider it to be well up amongst the best anti virus and anti-spyware programs. It does a professional job, very efficiently and with the minimum of fuss. Apart from a few small niggles I would not expect paying for a competing product to provide any major advantages.

Clamwin

In its existing form Clamwin, is well worth checking out. This offers Free Antivirus complete with an easy installer and open source code at no cost. Clamwin features:

  • Scanning Scheduler;
  • Automatic Virus Database Updates. ClamAV team updates Virus Databases on a regular basis and almost immediately after a new virus/variant is out;
  • Standalone Virus Scanner;
  • Context Menu Integration to Microsoft Windows Explorer;
  • Addin to Microsoft Outlook

Since the release of version 0.88.1 the cygwin windows compatibility module is no longer used. For the end user this means that the virus scan is now a lot quicker than previously and so one of the few issues that I had with this product has been mitigated. In the future there is a possibility that it will be able to check new downloaded files and e-mail on the fly. There is also a promise of closer integration with the Thunderbird email client.

Virus Scan Downloaded Files

Automatic scanning of downloaded files is not supported yet in Clamwin. There was an unsupported Firefox Add-on called Clamwin Anti-Virus Glue, but this has now been removed from the official list of Add-ons on the Firefox website. Although, I still had a version that worked I decided to discontinue it's use because sometimes it would hang whilst checking out a file. While waiting for the real time features in Clamwin I decided to try out the free AVG Anti-Virus. So far, this seems a very useful substitute, in fact so much so that Clamwin will have to be very good indeed to match the AVG Anti-Virus facilities.

Virus Scan E-mail

Currently there is no automatic scanning of email items received by Thunderbird and this is one of the reasons why Clamwin does not show up on the Microsoft Security Centre. However, this is a promised feature so watch this space for developments.

Virus Auto-Protect

Clamwin does not monitor your system in real time against new virus infections. Again this is a feature on the wish list and another reason why maybe you should look at running another virus checker such as Spybot which has the resident Teatimer.

Full Virus Scan

The first function is to scan files, folders or the whole disc for potential viruses that have infected your system. It does this by investigating all the selected files against a database file containing signatures of all the current known viruses. This database file must be kept up to date with the latest viruses, so there is a constant need to download the latest updates from the anti virus website. This is also why some people like to run more than one anti-virus checker to give greater coverage in case not all the updates are applied quickly enough. My experience is that the Clamwin updates are about two to three times a day, which gives some idea of the speed with which new virus threats are appearing.

Scan Memory

This is a fairly new function which scans all programs running in memory for viruses. It runs very quickly and gives that little bit extra peace of mind that you are running 'clean' programs.

Quarantine Function

If you are unfortunate enough to detect a virus then you need to take immediate action to either isolate it or have it removed. Your virus checker, may well have an option to remove it as part of the application. Alternatively, you may wish to do a search using Google for further details and then download a fix. In some cases you may need to enlist the services of an IT expert to clean up your machine. However, make sure that this person knows what they are doing - use friends or family for advice. Whatever, the state of your machine, make sure you have backups of all your important files and don't forget to make sure these are virus checked before doing a restore. If your system restore point is corrupted, you may need to switch off system restore while installing the fix to remove the virus and then don't forget to switch it back on again.

Additional Comments

The running of any checking software can take a long time, this is because every file has to be checked, just to find a single virus. To do a full scan on 15gB of data takes over two hours on my machine which is quite a long time. I am of the opinion that on demand virus checkers are worthwhile, but not as the main line of defence. Once you have a real time virus checker then it becomes a more worthwhile exercise since you can check each file before it can do any damage. Of course a once or twice a week virus check of your hard drive can be reassuring, if as hoped, you find no problems.