ClamAV 0.94


EQ Forum Admin
Staff member
Dear ClamAV users,

Sourcefire and the ClamAV team are pleased to announce the release of ClamAV 0.94. The following are the key features and improvements of this

- Logical Signatures: The logical signature technology uses operators
such as AND, OR and NOT to allow the combination of more than one
signature into one entry in the signature database resulting in
more detailed and flexible pattern matching.

- Anti-phishing Technology: Users can now change the priority and reporting
of ClamAV's heuristic anti-phishing scanner within the detection engine
process. They can choose whether, when scanning a supicious file, ClamAV
should stop scanning and report the phish, or continue to scan in case the
file contains other malware (clamd: HeuristicScanPrecedence,
clamscan: --heuristic-scan-precedence)

- Disassembly Engine: The initial version of the disassembly engine improves
ClamAV's detection abilities.

- PUA Detection: Users can now decide which PUA signatures should be loaded
(clamd: ExcludePUA, IncludePUA; clamscan: --exclude-pua, --include-pua)

- Data Loss Prevention (DLP): This version includes a new module that, when
enabled, scans data for the inclusion of US formated Social Security
Numbers and credit card numbers (clamd: StructuredDataDetection,
clamscan: --detect-structured; additional fine-tuning options are available)

- IPv6 Support: Freshclam now supports IPv6

- Improved Scanning of Scripts: The normalization of scripts now covers

- Improved QA and Unit Testing: The improved QA process now includes
API testing and new library of test files in various formats that are
tested on a wide variety of systems (try running 'make check' in the source

For more details, please refer to
and to the ChangeLog.

You may need to run 'ldconfig' after installing this version.

** This version drops the special support for Cygwin. Our QA process showed
** serious problems with ClamAV builds under Cygwin due to some low-level
** incompatibilities in the POSIX compatibility layer, resulting in unreliable
** ClamAV behaviour.

The ClamAV team (