You can view the documentation below, or browse our GitHub Repository, where you can contribute to user manual and FAQ.
General | Installing ClamAV | How to Report A Bug | Miscellaneous FAQ | ClamAV Virus Database FAQ | End of Life Policy (EOL) | Potentially Unwanted Applications (PUA) | Mailing Lists FAQ | Troubleshooting FAQ | Safebrowsing | Upgrading ClamAV | ClamAV on Microsoft Windows FAQ | How do I ignore/whitelist a ClamAV signature? | Which Version of ClamAV should I use? | Uninstalling ClamAV | ClamAV Overview | Interpreting Scan Alerts FAQ | Freshclam FAQ
Manual | Clam AntiVirus 0.101.0 User Manual | Clam AntiVirus User Manual
Manual | UserManual | Installing ClamAV on Unix / Linux / macOS from Source | Installing ClamAV on Windows | Introduction | LibClamAV | On-Access Scanning | Creating signatures for ClamAV | Usage | ClamAV Development
Manual | UserManual | Installation-Unix | Installation on Debian and Ubuntu Linux Distributions | Installation on macOS (Mac OS X) | Installation on Redhat and CentOS Linux Distributions
Manual | UserManual | Signatures | Trusted and Revoked Certificates | Body-based Signature Content Format | Bytecode Signatures | Signatures based on container metadata | Database Info | Dynamic Configuration (DCONF) | Passwords for archive files \[experimental\] | Extended signature format | File Type Magic | ClamAV File Types | Functionality Levels (FLEVELs) | File hash signatures | Logical signatures | PhishSigs | Whitelist databases | Using YARA rules in ClamAV
Manual | UserManual | Usage | Configuration | Scanning | Signature Testing and Management
Additional | Microsoft Authenticode Signature Verification | Private Local Mirrors
If you installed from a package, we suggest you find the approved package from your distro provider and install that. The ClamAV team does not maintain individual packages for every distribution build. If there are no new packages, you have three options:
If you installed from sources, first uninstall the old version:
./configure
sudo make uninstall
Compile and install the new one: see Installing ClamAV
Depending on your installation method, you might want to backup configuration (located in /usr/local/etc
by default) and signature database (located in /usr/local/share/clamav
by default). Don’t forget to restore backups before starting up updated ClamAV.
Backup your database signature (located in /usr/local/share/clamav
by default) before upgrading to newer ClamAV version. Restore the backed up database signature before running the updated version. This is to avoid getting the /usr/local/share/clamav not locked
error message when doing freshclam
.
To obtain a new version:
yum list clamav
yum update clamav
If everything updated properly, run freshclam
to update your signature database.
The functionality level of the database determines which scanner engine version is required to use all of its signatures. If you don’t upgrade immediately you will be missing the latest viruses.
You’ll get this message whenever a new version of ClamAV is released. In order to detect all the latest viruses, it’s not enough to keep your database up to date. You also need to run the latest version of the scanner. You can download the sources of the latest release from our website. If you are afraid to break something while upgrading, use the precompiled packages for your operating system/distribution. Remember: running the latest stable release also improves stability.
Make sure there is really only one version of ClamAV installed on your system:
$ whereis freshclam
$ whereis clamscan
Also make sure that you haven’t got old libraries (libclamav.so*
) lying around your filesystem. You can verify it using:
$ ldd $(which freshclam)
Please refer to: eol-clamav
Using GnuPG you can easily verify the authenticity of your stable release downloads by using the following method: Download the Talos PGP public key from the VRT labs site. Import the key into your local public keyring:
$ gpg --import vrt.gpg
Download the stable release AND the corresponding .sig
file to the same directory. Verify that the stable release download is signed with the Talos PGP public key:
$ gpg --verify clamav-X.XX.tar.gz.sig
Please note that the resulting output should look like the following:
gpg: Signature made Wed Jan 24 19:31:26 2018 EST gpg: using RSA key F13F9E16BCA5BFAD gpg: Good signature from "Talos (Talos, Cisco Systems Inc.) [email address]" [unknown]
For other PGP implementation, please refer to their manual.
Visit the source download page.
ClamAV supports a wide variety of compilers, hardware and operating systems. Our core compiler is gcc with Linux on 32 and 64 bit Intel platforms, though we also test using other compilers, including Sun’s C compiler, Microsoft’s Visual Studio, Intel’s C compiler, LLVM/Clang, and others. To date we have only found one compiler that we do not support, GCC version 4.0.0 to 4.0.1 inclusive. We have found that version of the compiler produces incorrect code on all of the platforms and operating systems on which we have tested it. ClamAV will not work using that compiler and you MUST switch to an alternative, such as GCC3.4 or GCC4.1.
Please contact your vendor for further information. Please refer to gcc’s bugzilla for further information. More information about this bug is also available in our bugzilla.
Our configure scripts will detect if your compiler is affected by this bug and refuse to generate a non working binary with the following error message:
your compiler has gcc PR26763-2 bug, use a different compiler