Clamwin antivirus
ClamWin Free Antivirus
Developer Blogs
0.90 is on the way

Basic win32 clamav command line scanner and friends are already updated to 0.90, obviously they need to be tested, on the GUI (ClamWin) side, some additional work is needed, some things are changed and also automatic skipping feature should be correctly handled by the GUI.

We don't have an ETA, but we are working for you :D

- Sherpya
Killing of in-mem infected modules

I've branched clamav release develpoment, I've added a feature that can kill infected files that are loaded in memory (for now only in memory scan).

Killing of infected processes should be enough safe, the module unloader can easily cause crashes to the program that hosts the dll. Mainly the only program that can host infected dll is explorer, so it shouldn't be a real problem, when it crashes it automatically restarts.

This feature will be available only win 2k/xp/2k3.

Update: I've included it in svn trunk since the new code is optional, you need to add -k or --kill command line option.

Update: This feature is currently in testing, join the beta forum to have more infos.

- Sherpya
Automatic cleanup of temp files

When clamscan is interrupted it can leave temporary files in temp directory. I've implemented a trace feature in directory creation/removal.

clamscan will create a dirname.clamdir with the same name of the just created directory. This file is removed when clamscan removes the directory.

If the scan is interrupted clamwin will be able to find .clamdir files and remove the undeleted directories. Only directories at top level of temp dir are traced, since we don't need to known about subdirs, they will be removed recursively.

This features is already implemented in clamav svn, minor mods should be made in clamwin.

Expect soon a new beta to test this functionality.

- Sherpya
ClamWin crash dumps recognized as infected

Some users experimented this new "feature" that allow to send crash reports when the scanner crashes (clamscan.exe.dmp files in C:\Program Files\ClamWin\Bin folder).

Since it may contain some parts of scanner memory obiviously can have virus patterns loaded in memory. To avoid this problem next release will scramble dump files by xor-in with 42.

I really don't want to encrypt user data, it's only to avoid quarantine or deletion of crash dump files. Also many of us have a mailserver AV that will block the report.

- Sherpya
© 2024 ClamWin Free Antivirus
ClamWin™ is a trademark of ClamWin Pty Ltd.
Other trademarks are the property of the respective trademark holders.
Privacy Statement
Thursday, 13 June 2024
Main Menu
Make a Donation
How You Can Help
User Guides
Anti-Malware Links
Project on
Mailing Lists
User References
Web Links
Contact Us