Slashdot Mirror

or suddenly realize that it's too much trouble to replace them with.... ehm... Norton? McAfee?

ClamAV? ClamWin? Works for me :)

Not true. A firewall cannot prevent from a virus taking over your computer, it only protects from accessing specific ports.

The big problem that Windows had prior to XP Service Pack 2 was that it had numerous, unnecessary ports open by default that were riddled with security holes. It was so bad that you just had to connect to the Internet without going to ANY sites and you would get infected. It was that problem to which I referred in my original post.

But you are quite right that once you start actually going to sites that you will need some antivirus software, like the Microsoft Security Essentials that I wrote about earlier. Although, I found that if you disable ActiveX then you hugely diminish the need for antivirus software just for general web browsing. I used to do that and use ClamWin so I could scan files I downloaded. It didn't have realtime protection that slowed down the computer.

I really think with such usage and money is being made

http://www.clamwin.com/content/view/180/105/ (donation)

and of course, same donation to clamav(.net), the "real thing" should be made.

People may think such famous projects are swimming in donations money but it is generally not the reality. There is no license confusion there either, it is free but donations accepted, whatever money you feel like. In TV business, I sometimes see ffmpeg being used in million dollar projects without a cent of donation, it really pisses me off. I bet little shops are way more ethical.

http://www.clamwin.com/content/view/18/46/

And it's free!

A portable version of ClamWin may do the trick.

http://www.clamwin.com/content/view/118/89/

. All the free antivirus software specifically says it's for non-commercial use only

clamwin is GPL which, of course, can be used in a commercial setting.

As usual, this is a problem that can be solved with open source. See ClamWin.

http://www.clamwin.com/ Although it is missing an on access scan, I am not sure if that is a plus of a minus.

A definite plus. I've never gotten a virus infection on my desktop, period. If anything uses one iota of resources other than when it's doing the weekly scan to make sure this remains the case, it's junk. It's wasting time on something that's far too unlikely to ever happen for me to justify the wasted time and resources. But just because it's never happened doesn't mean it never will, and how would I know if I wasn't looking for it? Thus, I do the regular scans. I need a scanner, I don't need a "shield".

http://www.clamwin.com/
Although it is missing an on access scan, I am not sure if that is a plus of a minus.

Don't forget the open source Clamwin antivirus program.

http://www.moonsecure.com/

Should be a better fit as I believe it uses the windows idea of how an anti-virus program should work (scan on read.)

Don't forget the open source Clamwin antivirus program.

The job of a virus scanner is to scan files for virii, not to monitor the filesystem for changes. It seems that one of the major problems of windows, compared to other OS's, is that there is not a good ecosystem of simple utility services. In a linux environment, it's easy to use fam/gamin to be notified of filesystem changes, and then get the virus scanner to use fam/gamin instead of writing the code necessary to do the filesystem monitoring.

In the absence of such an environment, in order to provide similar functionality, the antivirus developers must write the filesystem monitors themselves. This is also true for antispyware developers, etc. This can cause problems when these programs are from different vendors, and each program has its own means of monitoring the filesystem, which can cause unnecessary lag and memory usage, and sometimes competition over which process get access to which files (causing the system to become less responsive).

These statements may not be as true as they once were, at least with respect to filesystem monitoring. I don't really have much experience with any version of windows after xp, and only limited experience with xp. Regardless, the manner in which commercial software is developed, marketed, and distributed sometimes makes it difficult to use third party "middleware" with a commercial solution. Often, if such middleware isn't developed by Microsoft, and present or available for the target system, the developers must make their own solution. ( http://www.clamwin.com/content/view/35/27/ -- here we see that the clamwin developers are being "forced" to do exactly this)

(I was just looking and came across this article - http://srikanthtechnologies.com/articles/dotnet/file_system_monitoring.html)
It seems that there is an api to do the file system monitoring, but not yet any standard service to perform the action, which is the critical difference.

With regards to Winpooch and XPsp3 (and likely vista, win7, win8 ...) you may want to read the third post on this forum thread: http://forum.sysinternals.com/forum_posts.asp?TID=14895

This is likely the main reason that development on winpooch has stopped.

Even though winpooch is dead, the interaction between winpooch and clamwin demonstrates an appropriate separation of responsibilities. Winpooch monitors, and clamwin scans. So, winpooch doesn't have to scan (as it can call clamwin for that, or another drop-in replacement) and clamwin doesn't have to monitor the filesystem, as it can rely on the monitoring program, in this case winpooch, to call it on alterations in the filesystem.

It would be nice if the clamwin developers were making the filesystem monitor that they are now having to develop as a separate component (even if distributed with the scanner), so that other programs could plug into it, saving them the trouble of having to develop their own solution.

What about http://www.clamwin.com/ ?

Any commercial use of the software, and any resale or further distribution of the software, other than as expressly authorized by this agreement, constitutes a material breach of this agreement and may violate applicable copyright laws.

Looks like you were advocating copyright infringement. Clamwin is the only Free Software virus scanner I know of.

ClamWin doesn't support on-access scanning, so it's currently a non-option for a lot of people.

Of course if you're not supporting Windows desktops, you're free to use whatever you like.

AV program ClamWin should do the trick very well. Lightweight and works well.

So use a free option.

I used to use a little Server 2003 box in a pretty workstation-y fashion, and ClamWin worked well for me. It apparently runs on 2008 with some niggling issues.

Clamwin

clamwin almost doesn't suck ass. http://clamwin.com/

According to http://www.clamwin.com/content/view/35/27/, on-access functionality is going to be in the next major version.

ClamWin is very light and open source.

Just to be fair, ClamWin deserves a mention too. It's free as in speech as well as beer.

Never used it myself, but my clients who have say Avira AntiVir has annoying daily nag screens trying to induce upgrading to the commercial product.

For that reason I suspect Avast! or ClamWin might be a better choice.

I used Clamwinfor my AV needs. Tons of settings to adjust to your needs as well as email AV protection. http://www.clamwin.com/

The main problem with clamwin is that it does not do on-access or real-time scanning. *All* virus scanning is done manually, or via schedules.

It works *great* on mail servers (I set clamAV up for a school on their courier-imap/postfix mail server and it cut down the amount of crap they received *greatly*).

I don't use windows on the desktop so I cannot really comment, however I do administer some Linux mail relays that use ClamAV with extremely good results.

I mention this because there is a windows client that uses the same FOSS engine -- ClamWin.

I don't use windows on the desktop so I cannot really comment, however I do administer some Linux mail relays that use ClamAV with extremely good results.

I mention this because there is a windows client that uses the same FOSS engine -- ClamWin.

Here I was, planning to mod this discussion, but I can't believe what you just wrote.

I... wonder why nobody has proposed some kind of govt subsidized antivirus program... why not buy out ESET or similar and allow all US residents (or the world, for good will) to get a good free antivirus?

You're kidding, right?

Please, tell me you are kidding!

Why in the name of GFSM or whatever deity you care to insert would anyone in their right mind do or propose this? It boggles my mind since what you propose is already available! And has been for years.

To forestall certain trollish and flamish responses (oo, woe is me to think this might work), if this really was a good idea, one could promote these services far more cost effectively than actually funding/buying them.

But of course it is a terrible idea, for any of the following reasons:

1. The US government would not likely do any such thing, given that these services are in competition with American corporations.
2. The money would be far better spent funding better OS research and development, for example the Programatica project and its work on House and Osker (PDF WARNING)
3. The money would be better spent on improving existing alternatives to Windows. Personally, I like Ubuntu (YMMV), but I don't know that they need the money (sure, everyone would like more $$, but Canonical has pretty deep pockets, no?).

But for now it simply doesn't matter - too many users are ignorant of the fact their OS comes from a vendor who simply doesn't give a damn and/or wants to squeeze yet more $$$ from the pockets of its beloved customers, whom it loves and respects dearly (either for its own bank accounts or those of its incestuously intertwined corporate "partners")....

I think ClamWin is a decent open source antivirus. Only gripe I suppose is that it does not have an On-Access scanner. You can still schedule scans though. http://www.clamwin.com/

I don't understand about the products not being open source. Can't you get the source for clamwin as advertised here: http://www.clamwin.com/content/view/178/27/ ?

ClamAV does have a daemon, it just doesn't have on on-access scanner for Windows -- yet. The people over at Clamwin http://www.clamwin.com/content/view/35/27/ are working on one. Linux users interested in on-access scanning should look up Clamuko, but then if you run Linux you probably don't need an on-access virus scanner...

1. new people available to projects
2. old people now unavailable to project

I observe that at this time, the increase in new people on the Internet dwarfs changes in either rate. True, the loss of key players can kill a project. Just because more middle-class white males may be forces to stop working on 'F/OSS' will not mean the end of F/OSS. OpenSource is not a business in competition with proprietary software. And as long as a project is Opensource, someone can dig up the old tapes and start patching away. The pool of raw talent is growing. Invite these new people in, they might be able to help.

Inability to upgrade, leads to more intense skill sets.

I agree that manufactures have been dumbing down the documentation. This is done not only to be friendly to the Aunt Mable crowd, but also protect this new "Intellectual Property" that the marketing department has gotten the legal department worked up about.

However, real - or open - standards vs fake - de-facto / Microsoft - standards are published in their gory detail. Many many books are published today on the details of how things work, worked and will work. However, you must go to your library and read them to benefit. Today many people want instahacking sk1llz at the push of button. Unfortunately, the real world is also garbage-in/garbage-out. Those 3rd world folks are required to put in the effort to make work what is just a push-of-a-button away for 1st world people. The difference if subtle: they have to read, you ought to read.

And, to top it off, I resent the SourceForge and all such "organizations". I much enjoy and miss, the days when each project had it's off-beat web-site hanging off of some obscure computer connection, or even hosted by some free hosting site like Geocities. Greatly enhanced the fealing of individuality and added a lot of color to the Linux community. When Sourceforge came around, it so much feals corporate, institutionalized and all the horrible things that most of us hate.

Enhanced the fealing (sic) of individuality? Don't you mean ugly?

Hmmm, let's see: sourceforge provides webhosting and other tools for a project, but how many still have their own websites?

• Slashcode @ sf.net points to slashcode.org
• keepass project's site is keypass.info
• filezilla is hosted at filezilla-project.org
• The TortoiseSVN project has a nice site at tortoisesvn.net
• Clamwin uses clamwin.com
• many more...

And that was just from clicking randomly on the top 10 downloads page. (Technically I also hit sourceforge's own project, but can you really blame sourceforge for hosting at sourceforge?) I don't really see the addition of a useful 'professional' index really impacting the 'feals' (sic) of the projects. I think it's less geocites and more "it's only 100 bucks, just register the domain already."

You still end up at some obscure computer connection for many projects. Not everything is a myproject.sourceforce.com site. However, for tiny projects they get free hosting and some do fairly

How about this?

Let's not forget ClamWin, which will give ClamAV protection to Windows machines. The only real criticism I've seen is that it doesn't have a real-time scanner, but supposedly one is in the works. As it stands now, you can pair it with WinPooch for real-time scanning.

Sorry, forgot. ClamAV for Windows is here. The other link is to the main ClamAV package, which really is meant more to run on a Linux mailserver, scanning every message as it goes through.

To clarify, ClamWin is a Windows GUI for ClamAV. So if you're just looking for something to install on Windows, you only need to download ClamWin. (Or Avast, if you'd prefer that.)

It's amazing what a false sense of security people get from running anti-virus software. They don't even realize that they still have to be careful because 0-day threats aren't in the latest virus definitions yet. They think they can do whatever they want, because they are protected.

The whole company has since gone anti-virus free on the desktop, and problem reports and performance complaints have dropped way down. Education and a healthy dose of respect for the evils of the world work better than any anti-virus on the market. And the cost savings are nice too.

Does it matter what they can or can't catch when we know it's a simple matter for a malware maker to pay them off or threaten them with DMCA or other lawsuits? The fact that antivirus companies intentionally overlook dangerous and harmful malware/viruses is enough to justify the need for open, honest computer security products. I'm delighted for the work of projects such as clamwin AV for just this reason.

Clamwin: http://www.clamwin.com/content/view/18/46/

It's free and open-source, but doesn't have an on-access scanner. AVG and Avast are commercial, but have free versions.

http://www.clamwin.com/

It is simple to install and run. It doesn't have all the features that McAfee or Norton have, but on the few occasions that I've had problems with computer viruses, this has worked to remove them

There's actually two versions:

ClamAV for Windows, a simple command-line utility
ClamWin, which I use. It has a GUI and scans on demand. It can also run scheduled scans/updates. While it is far less intrusive than most antivirus programs, it does put an icon in the system tray for doing the scheduled stuff, and there's no option not to run it at startup. It can be removed easily enough by removing the startup entry using autoruns or regedit, though.

I'm with you on e-Sword, Google Desktop and Picasa - it's a pretty good list actually. Open Office however has really gotten on my nerves with how it toddles along, GIMP is awesome but not lean by a long shot, and AVG Anti-Virus is the most annoying nagware I have ever dealt with in my life. Clamwin is open source and much, much better all around.

If Symantec and McAfee will let SONY hack your PC, they'll let the government hack your PC. Can anyone recommend a virus scanner that looks after the customer rather than the virus companies one-day maybe potential business partners if they get lucky?

I needed to rebuild my T60 with a fresh OS. Which was easier? MS Windows with a factory install disk, separate disks for Office and for Virus protection and then a lot of hunt-and-peck downloading for various apps like Thunderbird, Firefox, SSH, and Calendar or....Ubuntu with one CD and an OS that includes an integrated, extensible, and slick software package manager where all the software is approved and tailored to the installation?

You are a Linux administrator and you have to "hunt" and "peck" for your common applications? The majority of what you listed, the product names are the domains involved. You consider changing disks or even opening your disk binder some kind of hassle?

2) Buy a Symantec subscription because I was done with the 90-day free trial - $49.

Here we go again. Another "expert" who can't seem to locate ClamAV? I am about sick of articles where the person doing the review claims to have expertise in IT, then immediately turn around and not find one of the most common, cost saving tools you can get for Windows. It's here, for the apparently IT experts who have yet to hear of it: http://www.clamwin.com/

3) Buy an extra 512MB of RAM because XP couldn't run Firefox, Thunderbird, MS Word, MS Excel, and SSH all at once with 512MB of installed RAM - $104.

Ok, show me a screenshot of what happens when you attempt to run these applications all at once. Explain what, exactly, the computer does to notify you of this. I inquire because I ran XP for years with 512MB of RAM and I had OpenOffice, World of Warcraft, cygwin-x, 3-7 rxvt sessions, ssh tunnel to work, and Thunderbird open just about eight hours a day, five days a week. Sure, it wasn't like when the system is running nothing, but it certainly wasn't too slow. Unless you have swap turned off, then there's no reason why the system would magically quit opening new programs.


4) Install all of the above with product keys along the way - four hours? Maybe six? Maybe more because the tools for getting 2GB-3GB of mail data back into Thunderbird in Windows aren't nearly as good as the same tools in Linux.

Well, if you were using TB before, you can just drop your mail folder on the new system unchanged and open the application. Why aren't you more specific here? Is it because you are continuing to try and shed Windows in a negative light without being able to attack it from a technical standpoint? Much like a few of your prior remarks in this story, Linux gets some kind of free pass continually, while the teenies little thing in Windows is a big deal breaker.

1) Viruses - I no longer worry and I no longer need to check my PC - that's a relief. You can pick nits here about security but the bottom line is Ubuntu is orders of magnitude better.

So you said that knowing it is stupid. True, it's better, but you are trusting strangers with your candy any time you have any kind of machine on the Internet. Replies from people who get stuck on this one will be disregarded.

2) Vulnerabilities - Windows is like Swiss cheese with so many vulnerabilities that it's sick - you can't connect XP to a public Internet connection (i.e., behind a router is OK but direct to the net isn't). Ubuntu? It's Linux - no worries.

True, XP SP1 will get destroyed shortly after getting an IP on an open network without security updates. This, too, isn't really a good point of review. Why don't you go grab a Linux CD from October 25th 2001 and install it under the same circumstances you claim XP is so bad for and let's see how long it lasts without updates or securing.

3) Thanks to #1 and #2, I'm free from products like Symantec and Norton and the dollar expense, the complexity of administering them (those pop-ups are annoying and a productivity hit), and wondering when they expire next.

Sounds great. See my responses to #1 and #2, then grab ClamAV. I've never run Norton or Symantec on XP and never had any problems. It's

I have not actually seen what is on their CD, but there are some examples of free programs, most of which, have already been mentioned, that are available for both Windows and Linux.

• Firefox Web browser
• Thunderbird full-featured email program
• GIMP Image Manipulation Program
• ImageMagick software suite for creating, editing, and composing bitmap images
• Inkscape is an Open Source vector graphics editor
• ClamWin free antivirus scanner for Windows
• 7-Zip file archiver
• Celestia space simulater that lets you explore our universe in three dimensions
• OpenOffice office suite
• Scribus professional page layout program
• AbiWord word processing program
• Gnumeric spreadsheet
• LyX Document Processor
• Gaim multi-protocol instant messaging (IM) client
• Audacity Sound Editor
• Blender the advanced 3D modeling program capable of producing high quality animations
• VLC - the cross-platform media player and streaming server
• Nvu complete Web Authoring System

i'll admit it's been a few years since i gave up on buying a linux laptop (when VA linux got out of the hardware game the only vendor left for a long time was emperor linux and their stuff doesn't come cheap.

it should also be mentioned that open office installs on windows as well, and so does clamAV

Think about the AV products for Linux or Mac. Most of them clean Windows viruses out of files/emails so that they won't infect other machines

Yup, use ClamWin - it costs nothing and it works the way it should: http://www.clamwin.com/

So, you are roughly $100 out of pocket and you still haven't discovered ClamWin: http://www.clamwin.com/