ClamAV 0.94 increases detection capabilities
CalmAV 0.94, the open source anti-virus scanner promises a higher detection rate thanks to new virus scanning abilities. An Enhanced Detection Engine (EDE) now supports logical signatures, which allows the signature database to be contain signatures which are combinations of other signatures joined AND, OR or NOT. This should allow for more flexible pattern matching to catch complex malware. Also added to the EDE is a Disassembly Engine which allows the scanner to examine the bytes within a virus code to help in the detection of encrypted malware.
Scanning is not the only enhanced element in ClamAV 0.94. A new Data Loss Prevention module has been added which is used scan incoming and outgoing data for signs of personal identity data, for example social security numbers or credit card numbers, and alert the user to these attempts. Other improvements include better PUA ("Potentially Unwanted Application") detection, more control off the anti-phishing engine by allowing users to tune it, enhanced scanning of scripts and IPV6 support for the freshclam updater.
ClamAV is available for Linux, BSD and Windows, with third party ports available for other Unix based systems and is licensed under the GPL.
- What's New in ClamAV 0.94, PDF document on ClamAV 0.94