Clam AntiVirus ClamAV, a GPL anti-virus toolkit for UNIX 2014-07-09T14:00:00Z WordPress <![CDATA[Compiling OpenSSL For Windows]]> 2014-07-09T14:00:00Z 2014-07-09T14:00:00Z


In order to support more advanced features planned in future releases, ClamAV has switched to using OpenSSL for hashing. The ClamAV Visual Studio project included with ClamAV’s source code requires the OpenSSL distributables to be placed in a specific directory. This article will teach you how to compile OpenSSL on a Microsoft Windows system and how to link ClamAV against OpenSSL.
This blog article is based on another article.


You will need ActiveState ActivePerl installed. OpenSSL uses Perl-based Makefiles. You will also need Visual Studio 2010 or later.

Download OpenSSL

You can find OpenSSL’s source here. Download the latest version. When this article was first authored, the latest version of OpenSSL was 1.0.1h. This article will reference that version throughout.
We will be using separate build and installation directories for 32bit and 64bit compilations. We’ll extract the source code twice, to C:\openssl-src-32 and C:\openss-src-64. We’ll then create two directories to hold the OpenSSL installation: C:\openssl-build-32 and C:\openssl-build-64.

Compiling OpenSSL

We will first build the 32bit libraries. You will need to open a Visual Studio 32bit command prompt. Please note that you cannot build OpenSSL 64bit from a 32bit Visual Studio command prompt and vice-versa.
We’ll run these commands in the command prompt:
  1. C:
  2. cd \openssl-src-32
  3. perl Configure VC-WIN32—prefix=C:\openssl-build-32
  4. ms\do_ms
  5. nmake -f ms\ntdll.mak
  6. nmake -f ms\ntdll.mak install
Once those commands have run, you’ll need to create the 64bit OpenSSL distributables in a Visual Studio x64 comamnd prompt:
  1. C:
  2. cd \openssl-src-64
  3. perl Configure VC-WIN64A—prefix=C:\openssl-build-64
  4. ms\do_win64a
  5. nmake -f ms\ntdll.mak
  6. nmake -f ms\ntdll.mak install
You now have both the 32bit and 64bit builds of OpenSSL compiled and installed in their respective build directories.

ClamAV Dependencies Directory

Now that you have distributables for both 32bit and 64bit, we’ll now need to create the directories where the ClamAV Visual Studio project expects the OpenSSL dependencies to be.
Create these directories:
  1. C:\clamdeps
  2. C:\clamdeps\win32
  3. C:\clamdeps\win32\openssl
  4. C:\clamdeps\win32\openssl\lib
  5. C:\clamdeps\win64
  6. C:\clamdeps\win64\openssl
  7. C:\clamdeps\win64\openssl\lib

Copy the 32bit directories and files over:
  1. C:\openssl-build-32\include to C:\clamdeps\win32\openssl
  2. C:\openssl-build-32\lib\libeay32.lib to C:\clamdeps\win32\openssl\lib
  3. C:\openssl-build-32\lib\ssleay32.lib to C:\clamdeps\win32\openssl\lib
  4. C:\openssl-build-32\bin\libeay32.dll to C:\clamdeps\win32\openssl\lib
  5. C:\openssl-build-32\bin\ssleay32.dll to C:\clamdeps\win32\openssl\lib
Now copy the 64bit directories and files over:
  • C:\openssl-build-64\include to C:\clamdeps\win64\openssl
  • C:\openssl-build-64\lib\libeay32.lib to C:\clamdeps\win64\openssl\lib
  • C:\openssl-build-64\lib\ssleay32.lib to C:\clamdeps\win64\openssl\lib
  • C:\openssl-build-64\bin\libeay32.dll to C:\clamdeps\win64\openssl\lib
  • C:\openssl-build-64\bin\ssleay32.dll to C:\clamdeps\win64\openssl\lib


We’ve now built the OpenSSL libraries that ClamAV now depends on. ClamAV requires them to be in C:\clamdeps\win{32,64}\openssl.

<![CDATA[ClamAV 0.98.5 beta has been posted!]]> 2014-07-08T21:45:00Z 2014-07-08T21:45:00Z The ClamAV team is proud to announce the availability of ClamAV 0.98.5 beta ready for testing!


Welcome to ClamAV 0.98.5 beta! ClamAV 0.98.5 will include important new features for collecting and analyzing file properties. Software developers and analysts may collect file properties using the ClamAV API and then analyze them with ClamAV bytecode programs. Using the new features will require that libjson-c is installed.

Look for our upcoming series of blog posts to learn more about using the ClamAV API and bytecode facilities for collecting and analyzing file properties.

The release can be downloaded from  Please download, test and provide any feedback via the mailing lists.

The ClamAV team (

<![CDATA[ClamAV 0.98.4 has been released!]]> 2014-06-17T00:11:00Z 2014-06-17T00:11:00Z The ClamAV team is pleased to announce the release of ClamAV 0.98.4!  Below are the release notes for 0.98.4:

0.98.4<br />------<br /><br />ClamAV 0.98.4 is a bug fix release. The following issues are now resolved:<br />
- Various build problems on Solaris, OpenBSD, AIX.
- Crashes of clamd on Windows and Mac OS X platforms when reloading&nbsp;the virus signature database.
- Infinite loop in clamdscan when clamd is not running.
- Freshclam failure on Solaris 10.
- Buffer underruns when handling multi-part MIME email attachments.
- Configuration of OpenSSL on various platforms.
- Name collisions on Ubuntu 14.04, Debian sid, and Slackware 14.1.
- Linking issues with libclamunrar
Thanks to the following individuals for testing, writing patches, and<br />initiating quality improvements in this release:<br /><br />Tuomo Soini<br />Scott Kitterman<br />Jim Klimov<br />Curtis Smith<br />Steve Basford<br />Martin Preen<br />Lars Hecking<br />Stuart Henderson<br />Ismail Paruk<br />Larry Rosenbaum<br />Dave Simonson<br />Sebastian Andrzej Siewior

The newest release can be downloaded from the following link:

Please download this release, and provide us any feedback on our mailing lists.

<![CDATA[ClamAV 0.98.4rc1 is now available!]]> 2014-05-18T03:20:03Z 2014-05-18T03:20:03Z ClamAV 0.98.4rc1 is now available for download.  Shown below are the notes concerning this release:


ClamAV 0.98.4 is a bug fix release. The following issues are now resolved:

- Various build problems on Solaris, OpenBSD, AIX.

- Crashes of clamd on Windows and Mac OS X platforms when reloading
the virus signature database.

- Infinite loop in clamdscan when clamd is not running.

- Freshclam failure on Solaris 10.

- Buffer underruns when handling multi-part MIME email attachments.

- Configuration of OpenSSL on various platforms.


ClamAV 0.98.4rc1 is available for download here:  Please download, test, and provide feedback to the mailing list here:

The ClamAV team (

<![CDATA[ClamAV 0.98.3 has been released!]]> 2014-05-07T19:51:00Z 2014-05-07T19:51:00Z ClamAV 0.98.3 has been released, and is available here:, below are the highlighted changes and fixes from this release!


Here are the new features and improvements in ClamAV 0.98.3:

- Support for common raw disk image formats using 512 byte sectors,
specifically GPT, APM, and MBR partitioning.

- Experimental support of OpenIOC files. ClamAV will now extract file
hashes from OpenIOC files residing in the signature database location,
and generate ClamAV hash signatures. ClamAV uses no other OpenIOC
features at this time. No OpenIOC files will be delivered through
freshclam. See and for additional information
about OpenIOC.

- All ClamAV sockets (clamd, freshclam, clamav-milter, clamdscan, clamdtop)
now support IPV6 addresses and configuration parameters.

- Use OpenSSL file hash functions for improved performance. OpenSSL
is now prerequisite software for ClamAV 0.98.3.

- Improved detection of malware scripts within image files. Issue reported
by Maarten Broekman.

- Change to circumvent possible denial of service when processing icons within
specially crafted PE files. Icon limits are now in place with corresponding
clamd and clamscan configuration parameters. This issue was reported by
Joxean Koret.

- Improvements to the fidelity of the ClamAV pattern matcher, an issue
reported by Christian Blichmann.

- Opt-in collection of statistics. Statistics collected are: sizes and MD5
hashes of files, PE file section counts and section MD5 hashes, and names
and counts of detected viruses. Enable statistics collection with the
—enable-stats clamscan flag or StatsEnabled clamd configuration

- Improvements to ClamAV build process, unit tests, and platform support with
assistance and suggestions by Sebastian Andrzej Siewior, Scott Kitterman,
and Dave Simonson.

- Patch by Arkadiusz Miskiewicz to improve error handling in freshclam.

- ClamAV 0.98.3 also includes miscellaneous bug fixes and documentation

Thanks to the following ClamAV community members for sending patches or reporting
bugs and issues that are addressed in ClamAV 0.98.3:

Sebastian Andrzej Siewior
Scott Kitterman
Joxean Koret
Arkadiusz Miskiewicz
Dave Simonson
Maarten Broekman
Christian Blichmann


In addition, as a special exception, the copyright holders give
permission to link the code of portions of this program with the
OpenSSL library under certain conditions as described in each
individual source file, and distribute linked combinations
including the two.

You must obey the GNU General Public License in all respects
for all of the code used other than OpenSSL. If you modify
file(s) with this exception, you may extend this exception to your
version of the file(s), but you are not obligated to do so. If you
do not wish to do so, delete this exception statement from your
version. If you delete this exception statement from all source
files in the program, then also delete it here.

<![CDATA[ClamXAv in the top ten free Apps in the Mac OSX App Store!]]> 2014-04-23T21:48:00Z 2014-04-23T21:48:00Z Congratulations to Mark Allan, developer of the ClamXav project (the OSX GUI front-end to ClamAV) for making the top ten list in the free App section of the OSX App Store!

It’s great to see a free tool and great contribution by the community being used by thousands of users and being recognized!

Great work Mark!

<![CDATA[ClamAV 0.95 Engine End of Life Announcement]]> 2014-03-28T20:57:00Z 2014-03-28T20:57:00Z ClamAV Community,

This notice is to inform you that effective immediately ClamAV 0.95 (and all minor versions) is no longer supported in accordance with ClamAV’s EOL policy which can be found here:

While the current CVD’s being distributed will still work on ClamAV 0.95, and we are not enabling the functionality to actually make those versions be able to update, this does serve as notice that we are no longer going to be testing against that version in our regression tests.

We will also be EOL’ing 0.96 in coming months, so if either of those versions is currently in use, it is highly suggested that you upgrade to the most current version.

Thank you for using ClamAV!

<![CDATA[Open Source Community Webinar]]> 2014-03-09T04:20:02Z 2014-03-09T04:20:02Z ClamAV community,

First off, we’d like to thank everyone for their continued use of our projects and products here at Sourcefire, now a part of Cisco.  We love making great software, and we love for you to use it and contribute back.  It’s been a great transition so far into the Cisco community, and recently, we held an Open Source Community Meeting at RSA, and we’d like to provide the content out to our Open Source user base as well.

The best way for us to do this is through a Webinar where we can present the current state of our projects, the future of the projects, how the projects are continuing to move forward inside of Cisco and of course, make ourselves available for Questions and Answers.
We are planning to hold the WebinarThursday, March 13, 201412:00 PM EST

Register Now for the webinar. We look forward to seeing you and hearing from you then!

<![CDATA[Programmatic Boolean Simplification and ClamAV Signatures]]> 2014-03-07T04:20:03Z 2014-03-07T04:20:03Z 0 <![CDATA[Introducing OpenSSL as a dependency to ClamAV]]> 2014-02-23T04:20:02Z 2014-02-23T04:20:02Z In an upcoming release, we are planning on introducing OpenSSL as a dependency to ClamAV.  We wanted to get this out to the community for any feedback that could be provided in order for everyone to understand why we are doing it.  So first, I’ll cover a few reasons we are planning to introduce it, then outline some Pros and Cons:

  1. Performance. OpenSSL has code optimized for many platforms. In several tests that we’ve performed, we’ve averaged a 70% increase in performance.
  2. OpenSSL’s code has had a lot of eyes on it. Cryptography is hard to get right.
  3. Planned future work depends on it.
Pros for OpenSSL:

  1. Industry-standard cryptography code
  2. Many, many eyes have looked over OpenSSL’s code.
  3. It’s used pretty much everywhere.
  4. We will be able to provide a better freshclam experience in a future release.
  6. Portability. OpenSSL works pretty much everywhere.
  7. Maintainability. With OpenSSL backing major infrastructure, operating systems provide quick patches/updates to OpenSSL.

Cons for OpenSSL:

  1. Possibly bigger memory footprint
  2. First required dependency for ClamAV’s engine
As always we are receptive to feedback from the community.  It is always welcome over on the ClamAV-Users list: