Browse code
update clamdoc.pdf
Tomasz Kojm authored on 2011/03/22 01:27:08Showing 4 changed files
| ... | ... |
@@ -127,7 +127,7 @@ |
| 127 | 127 |
\item{POSIX compliant, portable}
|
| 128 | 128 |
\item{Fast scanning}
|
| 129 | 129 |
\item{Supports on-access scanning (Linux and FreeBSD only)}
|
| 130 |
- \item{Detects over 850.000 viruses, worms and trojans, including
|
|
| 130 |
+ \item{Detects over 920.000 viruses, worms and trojans, including
|
|
| 131 | 131 |
Microsoft Office macro viruses, mobile malware, and other threats} |
| 132 | 132 |
\item{Built-in bytecode interpreter allows the ClamAV signature writers
|
| 133 | 133 |
to create and distribute very complex detection routines and |
| ... | ... |
@@ -1072,6 +1072,9 @@ const char *cl_engine_get_str(const struct cl_engine *engine, |
| 1072 | 1072 |
will be reported only at the end of a scan. If an archive |
| 1073 | 1073 |
contains both a heuristically detected virus/phishing, and a real |
| 1074 | 1074 |
malware, the real malware will be reported. |
| 1075 |
+ \item \textbf{CL\_SCAN\_BLOCKMACROS}\\
|
|
| 1076 |
+ OLE2 containers, which contain VBA macros will be marked infected |
|
| 1077 |
+ (Heuristics.OLE2.ContainsMacros). |
|
| 1075 | 1078 |
\end{itemize}
|
| 1076 | 1079 |
All functions return \verb+CL_CLEAN+ when the file seems clean, |
| 1077 | 1080 |
\verb+CL_VIRUS+ when a virus is detected and another value on failure. |
| ... | ... |
@@ -1080,7 +1083,7 @@ const char *cl_engine_get_str(const struct cl_engine *engine, |
| 1080 | 1080 |
const char *virname; |
| 1081 | 1081 |
|
| 1082 | 1082 |
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine,
|
| 1083 |
- CL_STDOPT)) == CL_VIRUS) {
|
|
| 1083 |
+ CL_SCAN_STDOPT)) == CL_VIRUS) {
|
|
| 1084 | 1084 |
printf("Virus detected: %s\n", virname);
|
| 1085 | 1085 |
} else {
|
| 1086 | 1086 |
printf("No virus detected.\n");
|
| ... | ... |
@@ -67,7 +67,7 @@ Features</A> |
| 67 | 67 |
</LI> |
| 68 | 68 |
<LI>Supports on-access scanning (Linux and FreeBSD only) |
| 69 | 69 |
</LI> |
| 70 |
-<LI>Detects over 850.000 viruses, worms and trojans, including |
|
| 70 |
+<LI>Detects over 920.000 viruses, worms and trojans, including |
|
| 71 | 71 |
Microsoft Office macro viruses, mobile malware, and other threats |
| 72 | 72 |
</LI> |
| 73 | 73 |
<LI>Built-in bytecode interpreter allows the ClamAV signature writers |
| ... | ... |
@@ -166,6 +166,11 @@ Allow heuristic match to take precedence. When enabled, if |
| 166 | 166 |
will be reported only at the end of a scan. If an archive |
| 167 | 167 |
contains both a heuristically detected virus/phishing, and a real |
| 168 | 168 |
malware, the real malware will be reported. |
| 169 |
+</LI> |
|
| 170 |
+<LI><SPAN CLASS="textbf">CL_SCAN_BLOCKMACROS</SPAN> |
|
| 171 |
+<BR> |
|
| 172 |
+OLE2 containers, which contain VBA macros will be marked infected |
|
| 173 |
+ (Heuristics.OLE2.ContainsMacros). |
|
| 169 | 174 |
|
| 170 | 175 |
</LI> |
| 171 | 176 |
</UL> |
| ... | ... |
@@ -176,7 +181,7 @@ Allow heuristic match to take precedence. When enabled, if |
| 176 | 176 |
const char *virname; |
| 177 | 177 |
|
| 178 | 178 |
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine,
|
| 179 |
- CL_STDOPT)) == CL_VIRUS) {
|
|
| 179 |
+ CL_SCAN_STDOPT)) == CL_VIRUS) {
|
|
| 180 | 180 |
printf("Virus detected: %s\n", virname);
|
| 181 | 181 |
} else {
|
| 182 | 182 |
printf("No virus detected.\n");
|
| ... | ... |
@@ -213,7 +218,7 @@ Allow heuristic match to take precedence. When enabled, if |
| 213 | 213 |
<!--End of Navigation Panel--> |
| 214 | 214 |
<ADDRESS> |
| 215 | 215 |
Tomasz Kojm |
| 216 |
-2010-08-12 |
|
| 216 |
+2011-03-21 |
|
| 217 | 217 |
</ADDRESS> |
| 218 | 218 |
</BODY> |
| 219 | 219 |
</HTML> |