Documentation

You can view the documentation below, or browse our GitHub Repository, where you can contribute to user manual and FAQ.

General | Installing ClamAV | How to Report A Bug | Miscellaneous FAQ | ClamAV Virus Database FAQ | End of Life Policy (EOL) | Potentially Unwanted Applications (PUA) | Mailing Lists FAQ | Troubleshooting FAQ | Safebrowsing | Upgrading ClamAV | ClamAV on Microsoft Windows FAQ | Which Version of ClamAV should I use? | Uninstalling ClamAV | ClamAV Overview | Interpreting Scan Alerts FAQ | Freshclam FAQ | How do I ignore a ClamAV signature?

Manual | Clam AntiVirus User Manual

Manual | UserManual | Installing ClamAV on Unix / Linux / macOS from Source | Installing ClamAV on Windows | Introduction | LibClamAV | On-Access Scanning | Creating signatures for ClamAV | Usage | ClamAV Development | Contribute

Manual | UserManual | Installation-Unix | Installation on Debian and Ubuntu Linux Distributions | Installation on macOS (Mac OS X) | Installation on Redhat and CentOS Linux Distributions

Manual | UserManual | Signatures | Trusted and Revoked Certificates | Body-based Signature Content Format | Bytecode Signatures | Signatures based on container metadata | Database Info | Dynamic Configuration (DCONF) | Passwords for archive files \[experimental\] | Extended signature format | File Type Magic | ClamAV File Types | Functionality Levels (FLEVELs) | File hash signatures | Logical signatures | PhishSigs | Using YARA rules in ClamAV | Allow list databases

Manual | UserManual | Usage | Configuration | Scanning | Signature Testing and Management

Additional | Microsoft Authenticode Signature Verification | Private Local Mirrors

ClamAV on Microsoft Windows FAQ

ClamAV offers a versions of ClamAV for Microsoft Windows compatible with both 32bit and 64bit versions of Windows 7 and newer.

We provide both two install packages for Windows:

  • Portable Install Package
    • Zip file containing all you need to run ClamAV without running an installer.
  • Install Program
    • Traditional executable installer that will install ClamAV in the “Program Files” directory.

In addition to the above ClamAV versions that run on Windows, Cisco offers two more endpoint security products powered in-part by ClamAV. These are:

  • Immunet
    • Immunet is a malware and antivirus protection system that utilizes cloud computing to provide enhanced community-based security.
    • Immunet is free for non-commercial use.
    • Commercial users should consider Cisco AMP.
  • Cisco Advanced Malware Protection (AMP) for Endpoints
    • AMP for Endpoints prevents threats at point of entry, then continuously tracks every file it lets onto your endpoints. AMP can uncover even the most advanced threats, including fileless malware and ransomware.
    • AMP for Endpoints is subscription-based, managed through a web-based management console, and may be deployed on a variety of platforms to include Windows, macOS, and Linux operating systems.
    • For details, please visit the AMP for Endpoints website.

What is the difference between ClamAV, Immunet, and ClamWin?

ClamAV is available for Windows with the same scanning and detection capabilities available when using ClamAV on macOS and Linux, with exception to the On-Access Scanning feature (Linux).

Immunet is a real-time fully featured desktop AV solution. It contains cloud based detection technologies and the enterprise grade ClamAV detection engine. The product is produced and maintained by Cisco which owns both ClamAV and Immunet.

ClamWin is a free application that provides a graphical front-end for ClamAV, similar to ClamTk. ClamWin is maintained by ClamWin Pty Ltd., and has no association with ClamAV, Cisco, or the Immunet product. Additionally, ClamWin does not contain an on-access real-time scanner, and can only be used to manually scan files.

Is Immunet free for commercial use?

Immunet is not free for commercial use. AMP for Endpoints is our product that replaced the commercial version. If you are interested in deploying this in a commercial environment, we highly suggest checking that out.

Will Immunet send any sensitive data from my computer to the cloud?

Immunet sends information about the files its scanning back to the cloud. This information is in the form of SHA hashes and file heuristics. Currently, this information is only collected for Windows PE files, or in other terms what most people refer to as executable files. No information is collected for other types of files, like Word, Excel, or PDF. Additionally, in some situations the entire PE file will be uploaded to the Cloud to determine if it is malicious. For a complete overview please see the privacy policy.

Are you going to make use of the Cloud in the *nix version of ClamAV?

The simple answer is “yes”. The complex answer is “when”. We are currently working on that roadmap and will keep everyone informed as that information becomes available.

Can I use Immunet with my current AV solution?

Yes. In fact it is encouraged.

Where should I report false positives or undetected malware?

Please report Undetected Malware here.

Please report False Positives here.

Are there 64 bit versions of ClamAV for Windows as well as 32 bit?

Yes. You can find both versions at Clamav/downloads.

© 2004 - 2021 Cisco and/or its affiliates. All rights reserved. | Privacy Policy | Sitemap All content on this website, unless otherwise noted, is licensed under the Creative Commons Attribution - NoDerivs License.