Security

ClamWin protects Windows desktops and servers against malicious software

ClamWin is a free, open source, cross-platform, and easy-to-use antivirus solution for Windows desktops and servers. Learn how to use ClamWin.

The Windows platform needs as much help as it can get in the fight against viruses and malicious software. There are plenty of solutions out there, but I only know of one that is open sourced and used by more than 600,000 users worldwide: ClamWin. The thing that sets ClamWin apart from other similar options is that it can be installed alongside other antivirus applications.

The one caveat to ClamWin is that it does not contain a real-time protection engine, so you can schedule scans and run scans manually, but you cannot depend upon ClamWin for real-time protection. But when you need that extra protection or want your antivirus to be less intrusive, ClamWin is a winner. Also, since ClamWin can be installed alongside other antivirus tools, it can serve as a great secondary solution. Or, if you're on a tight budget and are not a fan of the proprietary solutions, ClamWin can serve as your one sentinel against malicious software.

ClamWin's features

  • High detection rates for viruses and spyware
  • Scanning scheduler
  • Automatic downloads of regularly updated virus database
  • Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer
  • Add-on for Microsoft Outlook to remove virus-infected attachments automatically

Installing ClamWin

There won't be much that trips you up during this standard installation. You might notice the install trying to add a toolbar to your browser (you can uncheck this option if you want), but other than that, the installation is very straight-forward.

  1. Download the ClamWin Installer.
  2. Double-click the .exe file.
  3. Walk through the wizard.

ClamWin only installs what it needs to run scans; this means no background services will be installed to bring your machine to a slow, grinding halt. Once installed, it's time to start using the tool.

Using ClamWin

You start ClamWin and run a scan. (Even during a full scan of a drive, the machine will hardly see a hit on resources. So if you're looking for an antivirus tool that can be used during work hours without slowing you down, ClamWin is the obvious choice.) To start a scan, follow these steps.

From the main window (Figure A) select the drive to be scanned and click the Scan button. Figure A

You can scan any drive with a simple click from this window. (Click the image to enlarge.)
There are four buttons on the main window (from left to right): Preferences, Update, Scan Programs In Memory, Scan Selected Files. The only feature you might not be familiar with is Scan Programs In Memory, which will run through the gamut of the .dll files in use to make sure none of them have been hijacked by malicious imposters (Figure B). Figure B

A scan of programs in memory in progress. (Click the image to enlarge.)

Managing infected files

By default, ClamWin only reports infected files. In order to have the application handle this differently, you must go into the Preferences window and then into the General tab (Figure C), where you will see three options under Infected Files: Report Only, Remove (Use Carefully), Move To Quarantine Folder. Figure C

I opted to have ClamWin quarantine possible infections. (Click the image to enlarge.)

I don't recommend selecting the Remove option because you could wind up causing problems with an application based on a false positive. The other two options are generally safe (if a false positive winds up moving a file to the Quarantine folder--C:\ProgramData\.clamwin\quarantine\--you can always move it back).

Another nice built-in feature is the application can email you if it detects a virus. You will need access to an SMTP server for this feature to work. To set this up, open the Preferences, go to the Email Alerts tab (Figure D), and configure your SMTP settings. Figure D

After you set up this feature, send a test mail to ensure it is working. (Click the image to enlarge.)

Scheduling scans

To create a scheduled scan with ClamWin, do the following:

  1. Open ClamWin.
  2. Click the Preferences button.
  3. Click the Scheduled Scan tab.
  4. Click Add.
  5. From the Schedule windows (Figure E), enter the information necessary for the schedule.
  6. Click OK.

Figure E

You can scan only specific folders or an entire drive. (Click the image to enlarge.)

Integration with Outlook and Explorer

ClamWin can also be integrated with Outlook and Explorer. There is nothing to do with Outlook integration. By default, it will scan incoming and outgoing messages. If something comes up as a virus, you will be warned. From within Explorer you can right-click a file or folder and, from the resulting menu, have ClamWin scan the file or folder.

Summary

If you're looking for either a boost to your current antivirus solution or need a cost effective, open source antivirus solution, look no further than ClamWin. It's easy to use, unobtrusive, and won't set either you or your PC back any of your precious resources.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

7 comments
hardslog
hardslog

Immunet runs on the Clam engine and scans in realtime. www.clamav.net The problem with programs like AVAST is that it is only free for home and personal use. You can't use the free version on SMB computers.

RechTepublic
RechTepublic

Unlike many other free antivirus products, Clamwin does not scan for viruses in real-time. If an infected file makes it onto your system between your schedule scans you could easily infect the computer by just opening the file. I have seen it happen two times and, each time, the end-user thought they were fully protected and were completely baffled as to why their server was infected. Personally, I think paying for an antivirus product for Windows servers that has real-time scanning is safer than hoping that someone doesn't accidently infect the server because they don't understand how Clamwin works. The loss of data and productivity is typically far more costly than the cost of a more capable antivirus product. When it comes to Windows workstations there is no need for Clamwin because business users can use Security Essentials and home users have a long list of free, for personal use, antivirus products with real-time scanning like AVG Free.

tbmay
tbmay

...is pretty good for *nix servers to look for viruses on file, mail, proxy servers, etc. The Windowsified version...Clamwin...would not be my first choice for Windows machines. If you're talking about your own computer, I recommend you use Microsoft Security Essentials since it is free. Bigger enterprises should...and do....use enterprise solutions.

PurpleSkys
PurpleSkys

I don't find it all that intrusive and I can schedule it to do scans whenever I want. As a decent free application, budget doesn't become a concern. Add malwarebytes and spybot search and destroy (free versions of course), and I don't really see the need for something like ClamWin.

Matt Nawrocki
Matt Nawrocki

It's pretty decent, but I think the heuristics engine could be more robust. I tend to go more for other products on the market with more pervasive anti-virus and malware protection such as Microsoft Security Essentials, which also happens to be free.

fo128
fo128

I totally agree with your closing line PurpleSkys. At home, I use the two porgrams mentioned in my subject line (both free), and hopefully they overlap each other. Just to add, Malware Bytes also offers the memory scan (dll's). EDIT: Forgot to add that both programs I use do real-time monitoring too, thus exceeding WinClam's abilities yet again.

bellsarecalling
bellsarecalling

MSE in realtime bogging down memory in my PC, as shown by Taskmanager[XP]. Makes lauching other programs and respective response very slow. Soo...