ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
ClamWin Free Antivirus Forum Index » Virus Scanner
Reply to topic
ClamWin minifilter driver for real time scanning
ljbade


Joined: 14 Feb 2009
Posts: 0
Location: New Zealand
Post Posted: Sat Feb 14, 2009 5:16 am Reply with quote
Has anyone worked on a filesystem minifilter driver for ClamWin?

I am interested in writing one as a personal first time kernel-mode programming challenge.

It doesn't look too hard, just hooking file opens and memory pagings that have an executable flag. Or would you rather have it check all files (or only files that are being saved)? I'm not sure what commercial AV's do.

Also what would be better for you guys, a user mode service written in python or C?

C will be faster but I can't see why the service side of a real time scanner can't be done in python.
View user's profileSend private message
alch
Site Admin

Joined: 27 Nov 2005
Posts: 0
Post Posted: Sat Feb 14, 2009 9:07 am Reply with quote
Hi,

we have a usermode service in svn, look for clamwind (c++).

It would be great if you could help us with the minifilter. Please email me at alex [at] clamwin.com and we will discuss the details.

Cheers,
Alch
View user's profileSend private message
ljbade


Joined: 14 Feb 2009
Posts: 0
Location: New Zealand
Post Posted: Sat Feb 14, 2009 11:03 pm Reply with quote
Did you get my email?
View user's profileSend private message
ClamWin minifilter driver for real time scanning
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT  
Page 1 of 1  
  
  
ClamWin Free Antivirus Forum Index » Virus Scanner
 Reply to topic