|
|
#1
January 28th, 2006, 10:12 PM
|
||||
|
||||
Is it good or not? [About Clamwin]
Cheers,
I have more than 25 Virual Machines in my PC. One of them which is named "DenemeTest5" is heavily infected with more than 200 known viruses and this VM is surfed through very dangerous web sites and downloaded tones of malware from them. I use it to test some software reviews for my website. What ever. I run Nod32 for on-access and Kaspersky 4.5 personal pro, Bitdefender 8 free edition, Clamwin for on-demand also Ewido anti malware on access and Adaware on-demand on the pc, not on the VM. I run a full scan with all of them except ClamWin everyweek, and they find nothing at all. Today I made a full scan with Clamwin and get this alert: -------------------------------------- Scan started: Sat Jan 28 20:57:21 2006 ERROR: Can't open file C:\WINDOWS\system32\config\default ERROR: Can't open file C:\WINDOWS\system32\config\SAM ERROR: Can't open file C:\WINDOWS\system32\config\SECURITY ERROR: Can't open file C:\WINDOWS\system32\config\software ERROR: Can't open file C:\WINDOWS\system32\config\system C:\Documents and Settings\Tansu\My Documents\My Virtual Machines\DenemeTest5\Windows XP Professional-cl1.vmdk: Hacker.2 FOUND -- summary -- Known viruses: 43165 Engine version: 0.88 Scanned directories: 5581 Scanned files: 66063 Infected files: 1 Data scanned: 18434.98 MB Time: 10891.628 sec (181 m 31 s) ------------------- Completed Now my question is, while others scan this VM and found nothing, ClamWin found this. Is this a good thing for ClamWin or bad thing? Does a good Av should find somethings in Virtual machines? Regards
__________________
Turkish
Redmond, we have problem here! |
|
#2
January 29th, 2006, 12:37 AM
|
||||
|
||||
|
sounds good..
dont rely on my responce you might want to wait for a expert to respond
__________________
Metallica #1 band in the World, Slayer # 2, Megadeth # 3 Last edited by Bubba : January 30th, 2006 at 09:39 AM. Reason: combined posts |
|
#3
January 29th, 2006, 05:00 AM
|
||||
|
||||
Re: Is it good or not? [About Clamwin]
I am not expert.
I also got some errors like yours, but maybe it's natural for some antivirus to produce this but as long as it didn't cause some malfunctions on your system and it scans and runs smoothly I think its okay. ClamWin finds several trojans on my pc not detected by my anti-trojan scanners.... so Clam is probably one of the best I think, but the only problem w this AV was that it's scans very slow compared to my other scanners. This is the slowest scanner I have ever used.   |
|
#4
January 29th, 2006, 09:50 AM
|
||||
|
||||
|
Re: Is it good or not? [About Clamwin]
I notice some false positives when scanning with the Clam.
Cut/Paste from previous thread: Open source AV has quite a following. Primarily used on server end by some big players like Fastmail. Reviews rarely give it a stellar rating, however, due to being open source, they've had some remarkable signature update response times. I do like it's simplicity (just hope you're not in a hurry when doing a full scan). Quote:
Quote:
|
|
#6
January 30th, 2006, 04:58 AM
|
|||
|
|||
|
Re: Is it good or not? [About Clamwin]
Quote:
Why should they? They should find malware on a RUNNING VMWare within the installed AV on this VMWare Partition, but not in an image file. How will you clean this file out from the VMWare image file anyway? |
|
#7
January 30th, 2006, 05:01 AM
|
|||
|
|||
|
Re: Is it good or not? [About Clamwin]
ClaimAV doesn't have any proper filetype/virusrecord matching. That means it's possible that it can detect a Win32 Executable infector in some strange file, even without any proper MZ/PE Header.
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
