Thema: ClamWin/ClamAV .......

[Snoop]

Hey - Real Time Scanning mit Clam ... jetzt wird es interessant.
Wobei die Engine ja nicht gerade im Ruf steht, schnell zu arbeiten ...

[SiLæncer]

0.97.5
------

ClamAV 0.97.5 addresses possible evasion cases in some archive formats (CVE-2012-1457, CVE-2012-1458, CVE-2012-1459). It also addresses stability issues in portions of the bytecode engine. This release is recommended for all users.

http://www.clamav.net/lang/en/

[SiLæncer]

This maintenance release updates ClamAV scanning engine and brings the following improvements:

    Improved bytecode signature loading
    Improved handling of tar archives and chm files
    Various performance improvements

http://www.clamwin.com/

[SiLæncer]

Clam Sentinel is a real-time malware scanner using ClamWin Antivirus as its engine. The program also has its own system monitor that scans for unknown malware that does not yet have a ClamWin signature. It also detects new drives and monitors these units until the program is closed or until the device is disconnected.

License: Freeware/GPL

z.Z. kein Changelog verfügbar ...

http://clamsentinel.sourceforge.net/

[SiLæncer]

This maintenance release updates ClamAV scanning engine and provides the following improvements:

    Scanning code optimizations

http://www.clamwin.com/

[SiLæncer]

Changelog:

Code: [Auswählen]

---------------------------------
 * Bug reported by Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind of the
 Google Security Team.

Mon Sep 6 12:32:00 EDT 2012 (dar)
---------------------------------
 * libclamav: bb#5751 - cl_scansis() may returan a file descriptor instead
              of a valid return code

Mon Jul 2 10:40:50 EDT 2012 (dar)
----------------------------------
 * libclamav: bb#5252 - update #4, CL_EUNPACK and caching

Fri Jun 29 14:43:43 EDT 2012 (dar)
----------------------------------
 * libclamav: bb#5252 - update #3, more return code tweaks

Tue Jun 26 12:23:44 EDT 2012 (dar)
----------------------------------
 * libclamav: bb#5252 - Limit exits on scanraw return codes

Fri Jun 22 16:58:21 EDT 2012 (dar)
----------------------------------
 * libclamav: bb#5325 - Quiet Minix warning

Mon Jun 18 17:51:49 EDT 2012 (dar)
----------------------------------
 * libclamav: bb#5252 - Update magic_scandesc filtering of scanraw return codes

Thu Jun 14 16:05:53 EDT 2012 (judge)
----------------------------------
 * win32: Add MSI projects.

Wed Jun 13 12:00:55 EDT 2012 (olney)
----------------------------------
http://www.clamav.net/lang/en/

[SiLæncer]

Whats new: >>

- Several potential security bugs have been fixed

http://www.clamwin.com/

[SiLæncer]

Whats new: >>

This maintenance release updates ClamAV scanning engine and patches more security vulnerabilities.

Download :

ClamWin Free Antivirus 0.97.8 x86
ClamWin Free Antivirus 0.97.8 x64

http://www.clamwin.com/

[SiLæncer]

Hier noch die Info was neu ist ->

This maintenance release updates ClamAV scanning engine and patches more security vulnerabilities.

[SiLæncer]

Code: [Auswählen]

ClamAV 0.98 includes many new features, across many different components
of ClamAV. There are new scanning options, extensions to the libclamav API,
support for additional filetypes, and internal upgrades.

    – Signature improvements: New signature targets have been added for
    PDF files, Flash files and Java class files. (NOTE: Java archive files
    (JAR) are not part of the Java target.) Hash signatures can now specify
    a ’*’ (wildcard) size if the size is unknown. Using wildcard size
    requires setting the minimum engine FLEVEL to avoid backwards
    compatibility issues. For more details read the ClamAV Signatures
    guide.


    – Scanning enhancements: New filetypes can be unpacked and scanned,
    including ISO9660, Flash, and self-extracting 7z files. PDF
    handling is now more robust and better handles encrypted PDF files.


    – Authenticode: ClamAV is now aware of the certificate chains when
    scanning signed PE files. When the database contains signatures for
    trusted root certificate authorities, the engine can whitelist
    PE files with a valid signature. The same database file can also
    include known compromised certificates to be rejected! This
    feature can also be disabled in clamd.conf (DisableCertCheck) or
    the command-line (nocerts).


    – New options: Several new options for clamscan and clamd have been
    added. For example, ClamAV can be set to print infected files and
    error files, and suppress printing OK results. This can be helpful
    when scanning large numbers of files. This new option is ”-o” for
    clamscan and “LogClean” for clamd. Check clamd.conf or the clamscan
    help message for specific details.


    – New callbacks added to the API: The libclamav API has additional hooks
    for developers to use when wrapping ClamAV scanning. These function
    types are prefixed with “clcb_” and allow developers to add logic at
    certain steps of the scanning process without directly modifying the
    library. For more details refer to the clamav.h file.


    – More configurable limits: Several hardcoded values are now configurable
    parameters, providing more options for tuning the engine to match your
    needs. Check clamd.conf or the clamscan help message for specific
    details.


    – Performance improvements: This release furthers the use of memory maps
    during scanning and unpacking, continuing the conversion started in
    prior releases. Complex math functions have been switched from
    libtommath to tomsfastmath functions. The A/C matcher code has also
    been optimized to provide a speed boost.


    – Support for on-access scanning using Clamuko/Dazuko has been replaced
    with fanotify. Accordingly, clamd.conf settings related to on-access
    scanning have had Clamuko removed from the name. Clamuko-specific
    configuration items have been marked deprecated and should no longer
    be used.



There are also fixes for other minor issues and code quality changes. Please
see the ChangeLog file for details.
http://www.clamav.net/lang/en/

[SiLæncer]

This release updates ClamAV scanning engine and brings a number of significant improvements:

    New virus signature targets enable detection of PDF, Flash, and Java class files.
    New filetypes supported in the scanner include ISO9660, Flash and 7-zip self-extracting archives.
    Performance and memory management improvements.

http://www.clamwin.com/

[SiLæncer]

Clam Sentinel is a real-time malware scanner using ClamWin Antivirus as its engine. The program also has its own system monitor that scans for unknown malware that does not yet have a ClamWin signature. It also detects new drives and monitors these units until the program is closed or until the device is disconnected.

License: Freeware/GPL

z.Z. kein Changelog verfügbar ...

http://clamsentinel.sourceforge.net/

[SiLæncer]

Whats new: >>

Improvements to OLE2 extraction and scanning
Add ForceToDisk option for clamd and force-to-disk arg for clamscan
bb #9222: make fmap_unneed respect nested maps
libclamav: bb #9154 - ELF handling re-write
libclamav: bb #8696 - Bug reported by NIW Solutions
bb #9072: clamscan message separator fix
xz file type support
bb #1570: Support ADC compression in DMG
bb #9053: ClamAV 0.98 can't be compiled on FreeBSD 7
bb #9017: tomsfastmath warning with zLinux on s390x
win32: Import libxml2 2.9.1 components into windows builds for xmlReader support.
libclamav: Add support for scanning xar/pkg archive files.

http://www.clamwin.com/

[SiLæncer]

Hier wäre dann auch die Windows-Version -> Klick

[SiLæncer]

Whats new: >>

Support for common raw disk image formats using 512 byte sectors, specifically GPT, APM, and MBR partitioning.
Experimental support of OpenIOC files. ClamAV will now extract file hashes from OpenIOC files residing in the signature database location, and generate ClamAV hash signatures. ClamAV uses no other OpenIOC features at this time. No OpenIOC files will be delivered through freshclam. See openioc.org and iocbucket.com for additional information about OpenIOC.
All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan, clamdtop) now support IPV6 addresses and configuration parameters.
Use OpenSSL file hash functions for improved performance. OpenSSL is now prerequisite software for ClamAV 0.98.2.
Improved detection of malware scripts within image files.
Change to circumvent possible denial of service when processing icons within specially crafted PE files. Icon limits are now in place with corresponding clamd and clamscan configuration parameters.
Improvements to the fidelity of the ClamAV pattern matcher.
Opt-in collection of statistics. Statistics collected are: sizes and MD5 hashes of files, PE file section counts and section MD5 hashes, and names and counts of detected viruses. Enable statistics collection with the --enable-stats clamscan flag or StatsEnabled clamd configuration parameter.
Improvements to ClamAV build process, unit tests, and platform support.
Patch by Arkadiusz Miskiewicz to improve error handling in freshclam.
ClamAV 0.98.2 also includes miscellaneous bug fixes and documentation improvements.

http://www.clamwin.com/