Avast free vs Clamwin-infection?

Hello!

If I update the virus signature base of Clamwin AV, sometimes the resident shield of Avast found a “trojan horse” in the update module of Clamwin.

See: the jpg.

This is strange, because
-the source (clamav libraries) are trusted

And stranger:

  • I added the full clamwin directory to the exception list of avast file shield module.
    How can find an infection in this dir, if this dir can be foudn in exception?

Thanks!

Sound like an issue from avast side. Anyway you should try to submit the file to virus@avast.com (if the files can be sent via email).

This is strange, because -the source (clamav libraries) are trusted
not strange..... ClamAV is a antivirus program antivirus programs are known to detect on other antivirus programs, as they have virus like behavior and are full of virus signatures

and that is why you should not install multiple AV programs
this will give you a slower machine, mysterious windows errors and false detections

???

False detections?
I ADDED the full ClamWindir to the exceptions list of Avast file shield.
How can generate the avast FALSE detection, if the scan of the “infected” dir is forbidden?

Second.
ClamWin hasn’t a resident shield. It can’t slow down my pc, and can’t affect another av shield-because clamwin hasn’t any shield.

false detections

explained here … see post from quietman7
http://www.bleepingcomputer.com/forums/topic186533.html

General: Uninstalling a third-party antivirus software
http://www.avast.com/en-us/faq.php?article=AVKB11

if you want an extra scanner, Malwarebytes is recomended. www.malwarebytes.org

Yes I have to agree with Pondus, you could use Malwarebytes for manually scan your pc from time to time, and since starts manually, I don’t experience no conflict, no false detection, no slowdown, nothing. Any way avast has a strong detection, only thing that Malwarebytes found in my pc since I start to use avast(since v.4) was tracking cookies.

Regards RealNature,

only thing that Malwarebytes found in my pc since I start to use avast(since v.4) was tracking cookies.
very strange.....since Malwarebytes does not scan for tracking cookies. ;)

Believe it did a very long time ago.

It’s never scanned for tracking cookies that I can remember ??? SuperAntiSpyware does.

Clamwin does have a portable version which I use for customers.

Craigb is 100% correct and I can confirm this Malwarebytes does not scan for tracking cookies, only SuperAntiSpyware does scan for tracking cookies they have an option setting to turn this off.

hmm I recall a long time ago I use to have to say not to worry about the cookies…i think back then I was using AVG though perhaps AVG was the one that picked up cookies.

@ molngab
No it isn’t an FP when an AV that is in the lookout for virus signatures alerts when it finds the unencrypted virus signatures of another security application.

Your image doesn’t show the full path to the ‘Object’, so it is possible it isn’t in the clamwin directory ?
Updates as such may well be in the/a temp folder whilst being processed and removed when complete.

EDIT, incorrect user name for reference.

You’re right, I confused with Superantispyware. My bad ;D

ClamWin AV is not a resident antivirus, and does not have the capability to be resident. The only resident part is the signature updater. ClamWin AV can only be used as an on-demand scanner; triggered by the user or another program. Therefore, ClamWin AV does not conflict with Avast or other resident antivirus programs. However, since ClamWin AV program file was recently updated, Avast does occasionally alert on the ClamWin signatures during ClamWin’s update process.

ClamWin AV is not a resident antivirus, and does not have the capability to be resident.
it does..... if you use Clam Sentinel. ;) http://clamsentinel.sourceforge.net/SentinelSimpleGuide.html
Therefore, ClamWin AV does not conflict with Avast or other resident antivirus programs.

quote quietman7
“However, even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources.”

Without ClamSentinal, which is a separate program which integrates with ClamWin AV but requires a separate download and install, ClamWin AV has no resident components that can interfere with Avast.

Something in ClamWin AV updater has changed that causes Avast to sometimes alert when ClamWin’s signatures are updated. However, even with the alert, it hasn’t caused a problem with either Avast nor ClamWin AV.

ClamWin creates .tmp and .clamtmp files in C:\Documents and Settings\Ownername\Local Settings\Temp (on XP). This is usually where Avast finds ClamWin infections.

Thanks Simon, that confirms my suspicion in Reply #12 that the exclusions doesn’t work because it isn’t in the clamwin directory but a temporary one.

You’re welcome, DavidR.