ClamWin Antivirus on Cloud

1-click AWS Deployment    1-click Azure Deployment  1-click Google Deployment


ClamWin is a free antivirus programs accessible for Windows. What makes ClamWin exclusive is that it is GPL software. This means that it is free, and open source. ClamWin runs in your system tray, and can perform regularly scheduled system scans in addition to scanning Microsoft Outlook e-mail, and allowing you to right click any file and select ‘Scan with ClamWin Free Antivirus’.
ClamWin Free Antivirus differs from other free antivirus software in that it’s open-source, with no proprietary or commercial aspects. While it holds its ground in the antivirus protection department, it fails when it comes to blocking malware. The program doesn’t provide real-time protection, and it doesn’t check files as you open them or have them written to your hard drive. Scans are performed on-demand only, which means they initiate only when you schedule them or specifically tell the program to run one.
ClamWin Free Antivirus is used by more than 600,000 users worldwide and is preferred for its easy installer and open source code. It can be downloaded and used absolutely free of charge. The program is based on ClamAV engine and uses GNU General Public License by the Free Software Foundation. It is regularly updated via automatic downloads from a Virus Database.
All in all, ClamWin Free Antivirus is a good project but it falls behind other free antivirus programs in that it doesn’t provide real-time shields.

ClamWin is based off the expansively much-admired ClamAV project. According to their website “Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.” ClamAV is the antivirus engine of choice for open source enthusiasts but it is used in popular commercial antivirus products as well.ClamWin is presented at We have to download and install Clamwin . Once installed a small tray icon will appear. Clicking on the tray icon will open the ClamWin main screen:


From the main window, you can select Tools -> Preferences to open the configuration screen:


The configuration screen allows you to set up scheduled scans, enable e-mail alerts and specify where alerts should be sent and via what mail server. The configuration screen also allows you to specify how a scan is run, and what files and directories to search and ignore.

The whole ClamWin tool is extremely up-front and functioning. Given the price tag there’s not reason not to install ClamWin if you don’t have any other AV products installed. Best of all ClamWin doesn’t do real time scanning so it won’t bog down your computer constantly looking at files while you’re browsing the internet or composing a document. Though ClamWin doesn’t offer some unconventional features it is still an extremely valuable tool.

ClamWin Free Antivirus Performance
ClamWin Free Antivirus is a comprehensive freeware antivirus product that comes with integrated regular definition updates, powerful scanning tools and a dedicated task scheduler.
During tests, ClamWin misses quite a few Trojan horses, password stealer and other malware, which puts it right next to PC Tools Antivirus in terms of performance. It completely failed to detect malware made to steal online-banking passwords and misses more than two-thirds of such samples. In terms of finding how well a program can detect new malware, it performs slightly better, detecting roughly one-third of the samples.
The biggest downside to ClamWin Free Antivirus is that it doesn’t provide real-time protection, which means that if you want to find and clean and infected file, you have to do it manually. Users need to point the program to the folder where they believe the virus resides and initiate a scan, which is inconvenient to say the least.
The scanning process itself is fast with the application taking up a moderate amount of computer resources, which can put a strain on older systems. Overall, it is the second-slowest app in on-access scanning–only PC Tools Antivirus had slower scan times with less than impressive results when it comes to infection detection, rootkit identification and clean-up.

ClamWin Free Antivirus Experience
During installation the program allows users to choose whether to integrate the program with Explorer and install the Outlook module, both of which we selected. If you right-clicking the program’s system-tray icon, you can configure and update ClamWin as well as schedule scans, display reports, manually check for updates, and attend to other matters.
The program’s main interface is clean and basic but efficient, with a simple tree view of available directories to scan. The app’s basic interface lists the hard drives and allows for scheduling regular scans, but users will need to schedule a separate scan for each drive. There is a right-click Explorer option to scan a specific file, but this type of scan is notably slow, and by default it only reports discovered malware. If you want an option to clean it, you must change the settings to quarantine or delete the file.

Running an extra on-demand scan can be a good addition to your regular backup for your antivirus application, ClamWin’s poor detection rate means it makes more sense to run an online scan from a commercial software maker, such as BitDefender or F-Secure, and skipping this open-source project.
The settings menu provides plenty of options, including dedicated tools for Internet updates, proxy servers, scheduled scans, email scanning and reports. ClamWin Free Antivirus can monitor and scan your email client as well, checking incoming messages to make sure they’re clean.

During installation it’s important to know that the installer comprises a third-party toolbar and attempts to change the default search provider in your browser, so users need to pay attention to every single step when setting up the program.

When scheduling or launching scans, you need to select the specific files or folders you want checked. The program does not provide real-time protection, and it doesn’t check files as you open them or have them written to your hard drive; you need to point it to the location of the suspected threat. There is, however, access to the update tool in order to get the latest virus definitions as fast as possible.

As an open-source antivirus, ClamWin stands out from other free programs with no proprietary or commercial aspects. It won’t pester you with pop-ups for upgrade or upselling options, but is rather limited in its performance. While it provides basic protection – in terms of blocking malware, it doesn’t get the job done.
ClamWin Free Antivirus works in Vista as well as in XP, scanning your files for viruses and spyware identified by a virus database that is updated several times a day. It does not yet automatically inspect files as you open them and can only clean infected files manually. If used in combination with another antivirus/malware tool – ClamWin can work well as an additional level of security.

Pros of ClamWin Free Antivirus
• Free
• No pop-ups and upselling ads
• Light on system resources
• Integrates with Microsoft Outlook

Clamwin is easy to install and runs well on most Windows versions with a graphical user interface to the Clam AntiVirus engine.It offers basic but feasible substitutions to the subscription-based premium antivirus programs, many of which rely on automatic conveniences and extras to justify their price tags. In general, ClamWin would be a suitable option for second PCs, infrequently used machines, and tight budgets as it does its job, even within limited parameters.

ClamWin is a Free Antivirus program for Microsoft Windows 10 / 8 / 7 / Vista / XP / Me / 2000 / 98 and Windows Server 2012, 2008 and 2003.

ClamWin Free Antivirus is used by more than 600,000 users worldwide on a daily basis. It comes with an easy installer and open source code. You may download and use it absolutely free of charge.

The latest version of Clamwin Free Antivirus is 0.99.1
Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.
ClamWin Free Antivirus is based on ClamAV engine and uses GNU General Public License by the Free Software Foundation and is free (as in freedom) software.
ClamWin is owned by ClamWin ( and they own all related trademarks and IP rights for this software.

ClamWin on Cloud runs on Amazon Web Services (AWS) and Azure is built to easy installer with open source code.

Cognosys provides hardened images of ClamWin on all public cloud i.e. AWS marketplace and Azure.

ClamWin Antivirus on Cloud for AWS


Clamwin Features:

The desktop or service version
ClamAV can be used either in the service (daemon) mode or as desktop (on-demand) application. Every aspect has its own advantages. The server mode is more interesting for the real-time usage on an e-mail or proxy server. This real-time mode means that service is in memory and waiting for the client application to send a file for analysis. The service application will not scan the disks or network traffic.

For purpose of the disk scanning or traffic interception, we need some application. That application is known as the real-time module. We can have the real-time modules for different purposes. However, every real-time module will slow down the computer. Sometimes that will be minor and we will be not aware of it. Unfortunately, many times we will feel that performance is seriously degraded. That’s the eternal chase for the best balance between security and the performances.

Protecting the e-mail servers
Many e-mail solutions, either free (and an open-source) or commercial, have integrated the interface for the ClamAV. You can use ClamAV with hMail server, Mercury/32 e-mail server, XMail server or SmarterMail, just to mention some of the servers on the Microsoft Windows platform.

Virtually all Linux e-mail servers can be integrated with the ClamAV. Moreover, we can integrate the Squid proxy server with ClamAV and protect also the Web channel.

hMail i ClamAV


Very popular hMail server can be easily integrated with the ClamAV instead of the ClamWin in the newer versions. That will improve performance of the server. The ClamAV service will stay in the memory continuously, opposite to ClamWin which needs to load the signatures database on every scan request.

The Windows port – ClamWin
On the Windows platform you can use special version named ClamWin. This version is built on the ClamAV core and includes a graphical interface. That interface will alleviate administration and usage of the ClamWin anti-virus.


The ClamWin using the same anti-virus signatures as ClamAV, that will be downloaded from same update source.The ClamWin can be also integrated with the Microsoft Outlook as the e-mail filter extension. That can increase e-mail security on the customer side, especially if we don’t have other anti-virus solution or we need to use public e-mail services.

The ClamWin is pure desktop application. It can scan your disk on request or by schedule. It doesn’t contain real-time disk scanning module. Bear that in mind.

Although ClamWin doesn’t contain real-time module, we can use it on low risk workstations or servers. This can be very useful when we have some isolated servers with a heavy load (like the database servers or some real-time acquisition servers) where we must have server available almost 24 hours per day. Then we can just scan some parts of the disk during some low traffic or low usage hours.


We can speed up scanning even in that time if we choose only critical and mostly possible spaces where the viruses are expected. That will include the System32 folder, the Program Files and Program Data folders and optionally, the Users folder.

On top of that, we can filter file types that we need to scan to those that can be infected or carry virus (like exe, com, dll, jar, js, cab, zip…). As most of the viruses are small, we can also target smaller files, like those under 10 megabytes.

All this will make a good balance between security and performances on our server. That means that we still accept the risk that some viruses can pass our scan. However, we will cover most of expected situations and still maintain good security.

Clam Sentinel – the real-time module for ClamWin

For most users, the ClamWin anti-virus without real-time module will be fine. However, if we need more security we need to have real-time disk scanning. That was the goal of the independent project – the Clam Sentinel.


This application needs to be installed separately. It will use ClamWin’s virus signatures for it to work. We can configure the Clam Sentinel to monitor the disk activity or the system changes.We can include or exclude disks and folders from the scanning process. When we want to speed up operations we can just limit file types to those that are most critical to be infected.

The portable protection
When you need the portable protection, there are portable (USB based) versions of both ClamWin and the Clam Sentinel. You can put both applications on your USB drive and then use them to check any Windows based machine.

Using more than one anti-virus solution in the network can significantly increase the security of the network. When we are using one anti-virus, like the ClamAV, on the public servers and other anti-virus on the internal servers and workstations, we have a better chance to stop the virus outbreak in the network. Different vendors will react in different times to the new treats.

Major Features Of ClamWin Antivirus

  • High detection rates for viruses and spyware;
  • Scanning Scheduler;
  • Automatic downloads of regularly updated Virus Database.
  • Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer;
  • Addin to Microsoft Outlook to remove virus-infected attachments automatically.


Installation Instructions For Windows

Note: How to find PublicDNS in AWS

Step 1) RDP  Connection: To connect to the deployed instance, Please follow Instructions to Connect to Windows  instance on AWS Cloud

1) Connect to the virtual machine using following RDP credentials:

  • Hostname: PublicDNS  / IP of machine
  • Port : 3389

Username: To connect to the operating system, use RDP and the username is Administrator.
Password: Please Click here to know how to get password .

Step 2) Click the Windows “Start” button and select “All Programs” and then point to ClamWin Antivirus.

Step 3) Other Information:

1.Default installation path: will be in your root folder “C:\Program Files (x86)\ClamWin “
2.Default ports:

  • Windows Machines:  RDP Port – 3389
  • Http: 80
  • Https: 443

Configure custom inbound and outbound rules using this link

Installation  Step by Step Screenshots


Installation Instructions For Windows

Installation Instructions for Windows

Step 1) VM Creation:

  1. Click the Launch on Compute Engine button to choose the hardware and network settings.
  2. You can see at this page, an overview of Cognosys Image as well as estimated cost of running the instance.
  3. In the settings page, you can choose the number of CPUs and amount of RAM, the disk size and type etc.

Step 2) RDP Connection: To initialize the DB Server connect to the deployed instance, Please follow Instructions to Connect to Windows instance on Google Cloud

Step 3) Click the Windows “Start” button and select “All Programs” and then point to ClamWin Antivirus.

Step 4) Other Information:

1.Default installation path: will be in your root folder “C:\Program Files (x86)\ClamWin “
2.Default ports:

  • Windows Machines:  RDP Port – 3389
  • Http: 80
  • Https: 443

Configure custom inbound and outbound rules using this link


ClamWin Antivirus on Cloud

Related Posts