ClamAV 0.99 contains major new features and changes. YARA rules, Perl Compatible Regular Expressions, revamped on-access scanning for Linux, and other new features join the many great features of ClamAV:

• Processing of YARA rules (some limitations - see signatures.pdf).
• Support in ClamAV logical signatures for many of the features added for YARA, such as Perl Compatible Regular Expressions, alternate strings, and YARA string attributes. See signatures.pdf for full details.
• New and improved on-access scanning for Linux. See the recent blog post and clamdoc.pdf for details on the new on-access capabilities.
• A new ClamAV API callback function that is invoked when a virus is found. This is intended primarily for applications running in all-match mode. Any applications using all-match mode must use the new callback function to record and report detected viruses.
• Configurable default password list to attempt zip file decryption.
• TIFF file support.
• A new signature target type for designating signatures to run against files with unknown file types.
• Improved fidelity of the "data loss prevention" heuristic algorithm. Code supplied by Bill Parker.
• Support for LZMA decompression within Adobe Flash files.
• Support for MSO attachments within Microsoft Office 2003 XML files.
• A new sigtool option(--ascii-normalize) allowing signature authors to more easily generate normalized versions of ascii files.

Please note: If you are using clamd on-access scanning or have applications using all-match mode, you will want to review the changes and make any necessary adjustments before using ClamAV 0.99.