You are here

ClamWin: PCTOOLS Firewall blocks freshclam.exe

4 posts / 0 new
Last post
Junie
Offline
Last seen: 15 years 6 months ago
Joined: 2009-05-20 02:53
ClamWin: PCTOOLS Firewall blocks freshclam.exe

I use PC Tools Firewall. It blocks update of Freshclam.exe and reports it as a WORM. I tried to reinstall Clamwin Portable but the result is the same.

Please help.

Thanks

Junie

Tim Clark
Tim Clark's picture
Offline
Last seen: 13 years 7 months ago
Joined: 2006-06-18 13:55
You need to look into your PCTools

You need to look into your PCTools firewall documentation to see how you can allow an exception for freshclam.exe

As I do not use PCTools I can't tell you exactly how, but all well written firewalls should have a way to allow you to make choices for what you know to be ok programs.

As a work around you could manually update by getting a new copy of the daily.cvd from here:
http://www.clamav.org/download/cvd

as noted in this post:
https://portableapps.com/node/19261

Doing this once a day should be sufficient.

Tim

Things have got to get better, they can't get worse, or can they?

George Yves
Offline
Last seen: 10 years 5 months ago
Joined: 2008-04-21 08:37
I can't do that

I can't do that. My PCTool's ThreatFire detects freshclam.exe as Worm.Win32.AutoRun.ahep . The problem is there: ThreatFire detects a "known threat" and in such cases it doesn't ask user for further actions - it quarantines "known threats" immediately and automatically. ThreatFire users can take decisions only on "unknown threats" or "suspicious behaviour".

I must add that freshclam.exe is detected as a worm by Spywareterminator too. What is so suspicious in the freshclam.exe code that it looks like a virus?

May the FOSS be with you!

Tim Clark
Tim Clark's picture
Offline
Last seen: 13 years 7 months ago
Joined: 2006-06-18 13:55
Are you saying that after

Are you saying that after you have downloaded the files in question as indicated above, and put them in the right spot that freshclam still attempts to run. I have tried to remove freshclam.exe from the path and everything seems to run fine. The program will just not download new updates, which you are bypassing by downloading them directly. So in the scenario above, downloading and not using the selfupdate feature, freshclam.exe never comes into play.

Using this method, direct download, should bypass the need to use freshclam.exe so I am confused. Are you still trying to update thru the GUI even though you have already gotten the latest daily.cvd?

I can't comment on Spywareterminator as I know nothing about that program. In the case of the OP it seems to be the firewall aspect of PCTools that is having the problem. FreshClam.exe is attempting to communicate with the internet, which it needs to do to get updates. For some reason it finds this suspicious.

If your firewall does not give you the option to say "In this case I know better than you, allow/permit it", I don't know what to say. In today's world any well written AntiMalware/Firewall program needs to give you options to make decisions, If not, it is not well written.

I can only suggest getting in touch with PCTools and tell them that it is blocking something that you choose to allow and ask them to tell you how.

Good Luck,
Tim

Things have got to get better, they can't get worse, or can they?

Log in or register to post comments