... | ... |
@@ -127,7 +127,7 @@ |
127 | 127 |
\item{POSIX compliant, portable} |
128 | 128 |
\item{Fast scanning} |
129 | 129 |
\item{Supports on-access scanning (Linux and FreeBSD only)} |
130 |
- \item{Detects over 850.000 viruses, worms and trojans, including |
|
130 |
+ \item{Detects over 920.000 viruses, worms and trojans, including |
|
131 | 131 |
Microsoft Office macro viruses, mobile malware, and other threats} |
132 | 132 |
\item{Built-in bytecode interpreter allows the ClamAV signature writers |
133 | 133 |
to create and distribute very complex detection routines and |
... | ... |
@@ -1072,6 +1072,9 @@ const char *cl_engine_get_str(const struct cl_engine *engine, |
1072 | 1072 |
will be reported only at the end of a scan. If an archive |
1073 | 1073 |
contains both a heuristically detected virus/phishing, and a real |
1074 | 1074 |
malware, the real malware will be reported. |
1075 |
+ \item \textbf{CL\_SCAN\_BLOCKMACROS}\\ |
|
1076 |
+ OLE2 containers, which contain VBA macros will be marked infected |
|
1077 |
+ (Heuristics.OLE2.ContainsMacros). |
|
1075 | 1078 |
\end{itemize} |
1076 | 1079 |
All functions return \verb+CL_CLEAN+ when the file seems clean, |
1077 | 1080 |
\verb+CL_VIRUS+ when a virus is detected and another value on failure. |
... | ... |
@@ -1080,7 +1083,7 @@ const char *cl_engine_get_str(const struct cl_engine *engine, |
1080 | 1080 |
const char *virname; |
1081 | 1081 |
|
1082 | 1082 |
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine, |
1083 |
- CL_STDOPT)) == CL_VIRUS) { |
|
1083 |
+ CL_SCAN_STDOPT)) == CL_VIRUS) { |
|
1084 | 1084 |
printf("Virus detected: %s\n", virname); |
1085 | 1085 |
} else { |
1086 | 1086 |
printf("No virus detected.\n"); |
... | ... |
@@ -67,7 +67,7 @@ Features</A> |
67 | 67 |
</LI> |
68 | 68 |
<LI>Supports on-access scanning (Linux and FreeBSD only) |
69 | 69 |
</LI> |
70 |
-<LI>Detects over 850.000 viruses, worms and trojans, including |
|
70 |
+<LI>Detects over 920.000 viruses, worms and trojans, including |
|
71 | 71 |
Microsoft Office macro viruses, mobile malware, and other threats |
72 | 72 |
</LI> |
73 | 73 |
<LI>Built-in bytecode interpreter allows the ClamAV signature writers |
... | ... |
@@ -166,6 +166,11 @@ Allow heuristic match to take precedence. When enabled, if |
166 | 166 |
will be reported only at the end of a scan. If an archive |
167 | 167 |
contains both a heuristically detected virus/phishing, and a real |
168 | 168 |
malware, the real malware will be reported. |
169 |
+</LI> |
|
170 |
+<LI><SPAN CLASS="textbf">CL_SCAN_BLOCKMACROS</SPAN> |
|
171 |
+<BR> |
|
172 |
+OLE2 containers, which contain VBA macros will be marked infected |
|
173 |
+ (Heuristics.OLE2.ContainsMacros). |
|
169 | 174 |
|
170 | 175 |
</LI> |
171 | 176 |
</UL> |
... | ... |
@@ -176,7 +181,7 @@ Allow heuristic match to take precedence. When enabled, if |
176 | 176 |
const char *virname; |
177 | 177 |
|
178 | 178 |
if((ret = cl_scanfile("/tmp/test.exe", &virname, NULL, engine, |
179 |
- CL_STDOPT)) == CL_VIRUS) { |
|
179 |
+ CL_SCAN_STDOPT)) == CL_VIRUS) { |
|
180 | 180 |
printf("Virus detected: %s\n", virname); |
181 | 181 |
} else { |
182 | 182 |
printf("No virus detected.\n"); |
... | ... |
@@ -213,7 +218,7 @@ Allow heuristic match to take precedence. When enabled, if |
213 | 213 |
<!--End of Navigation Panel--> |
214 | 214 |
<ADDRESS> |
215 | 215 |
Tomasz Kojm |
216 |
-2010-08-12 |
|
216 |
+2011-03-21 |
|
217 | 217 |
</ADDRESS> |
218 | 218 |
</BODY> |
219 | 219 |
</HTML> |