Hi This thread is part question and part information (i.e. personal experience) I know ClamAV hasn't the best reputation here but I've been actively keeping a check on its performance on the Shadowserver page - where ClamAV has a respectable performance compared to other AVs. On that note, I wanted a complementary, portable scanner so ventured to the main page - ClamAV.net to download the Windows components. I'm avoiding ClamWin and ClamWinPortable since I prefer bare-bones command-line scanners. Effectively I end up with the only necessary files to carry out a full PC scan: clamscan.exe libclamav.dll bytecode.cvd - database file daily.cvd - database file main.cvd - database file The command arguments I use is: Code: clamscan --infected --detect-pua --recursive=yes --max-filesize=10 --database=. --log=log.log c: I limit the file size to 10mb to improve speeds and "assume" malware to be mostly smaller file sizes* (and to see how ClamAV performed in terms of speed). *taking a big swing in assumptions here... So a few questions: Is Shadowserver a good source of such performance? Does ClamAV hold its own considering the performance of above? Does anyone use ClamAV for similar scenarios (I know it's a mail scanner too)? Any suggestions to improve the command parameters I've used? Thanks!
