Free antivirus package ClamAV 0.98 has been presented.
At the moment, the size of ClamAV virus database is approximately 2.8 million virus signatures - is three times more than was delivered in the 0.97.0 release. Base malware signature web- pages comprises almost 1.6 million entries, which is 4.5 times higher than in ClamAV 0.97.0.
ClamAV 0.97 Key improvements:
- Added new signatures for files, PDF, Flash and Java-classes. In signature-based hashes added support for specifying wildcards '*' in the sizes indicated, if the size is unknown;
- Support provided to unpack and scan the new file types, including iso-images in ISO9660 format and self-extracting archives 7z. Significantly increased the reliability of processing PDF, improved support for working with encrypted PDF- files;
- Implemented inspection certificate chain for a PE-file, equipped with a digital signature. If the trust -based digital signature is present on the root CA certificate tsenntra used to certify the file, the PE- file with a valid digital signature is placed in the white list. Simultaneously, based on the present information and compromised certificates that should be rejected. You can disable the scan directive;
- DisableCertCheck in clamd.conf;
- In clamscan and clamd new options. For example, using the option "-o" to clamscan and directives "LogClean" clamd for now you can activate the output to the infected and erroneous files, hiding the results do not cause problems, it is useful to highlight only the important information when scanning a large number of files;
- In API libclamav added new callback- calls to control the scanning process. Functions with the prefix "clcb_" allow third-party developers to add their own logic systems in the various steps of the scanning process, without directly editing the code of the library;
- Added ability to set additional limits, many of the previously rigidly defined constraints can now be changed in the configuration file;
- Performance Optimization: The new version is notable for the use of mapping in the memory in the process of scanning and unpacking code acceleration A / C- matching and making use of a high-performance math library funutsy tomsfastmath instead libtommath;
- The implementation of the test mode on the fly, by tracking the facts of creation or modification of files transferred from Clamuko and Dazuko driver to use the technology fanotify. Related Clamuko settings are deprecated.
Latest ClamAV® stable release: http://www.clamav.net/lang/en/download/sources/