⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.93
Server IP:
65.108.141.171
Server:
Linux server.heloix.com 5.4.0-214-generic #234-Ubuntu SMP Fri Mar 14 23:50:27 UTC 2025 x86_64
Server Software:
Apache
PHP Version:
7.4.33
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
usr
/
share
/
doc
/
clamav-docs
/
html
/
View File Name :
index.html
<!DOCTYPE HTML> <html lang="en" class="clamav" dir="ltr"> <head> <!-- Book generated using mdBook --> <meta charset="UTF-8"> <title>Introduction - ClamAV Documentation</title> <!-- Custom HTML head --> <meta name="description" content="An open source malware detection toolkit and antivirus engine."> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="theme-color" content="#ffffff"> <link rel="shortcut icon" href="favicon.png"> <link rel="stylesheet" href="css/variables.css"> <link rel="stylesheet" href="css/general.css"> <link rel="stylesheet" href="css/chrome.css"> <link rel="stylesheet" href="css/print.css" media="print"> <!-- Fonts --> <link rel="stylesheet" href="FontAwesome/css/font-awesome.css"> <link rel="stylesheet" href="fonts/fonts.css"> <!-- Highlight.js Stylesheets --> <link rel="stylesheet" href="highlight.css"> <link rel="stylesheet" href="tomorrow-night.css"> <link rel="stylesheet" href="ayu-highlight.css"> <!-- Custom theme stylesheets --> <!-- MathJax --> <script async src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML"></script> </head> <body class="sidebar-visible no-js"> <div id="body-container"> <!-- Provide site root to javascript --> <script> var path_to_root = ""; var default_theme = window.matchMedia("(prefers-color-scheme: dark)").matches ? "clamav" : "clamav"; </script> <!-- Work around some values being stored in localStorage wrapped in quotes --> <script> try { var theme = localStorage.getItem('mdbook-theme'); var sidebar = localStorage.getItem('mdbook-sidebar'); if (theme.startsWith('"') && theme.endsWith('"')) { localStorage.setItem('mdbook-theme', theme.slice(1, theme.length - 1)); } if (sidebar.startsWith('"') && sidebar.endsWith('"')) { localStorage.setItem('mdbook-sidebar', sidebar.slice(1, sidebar.length - 1)); } } catch (e) { } </script> <!-- Set the theme before any content is loaded, prevents flash --> <script> var theme; try { theme = localStorage.getItem('mdbook-theme'); } catch (e) { } if (theme === null || theme === undefined) { theme = default_theme; } var html = document.querySelector('html'); html.classList.remove('clamav') html.classList.add(theme); var body = document.querySelector('body'); body.classList.remove('no-js') body.classList.add('js'); </script> <input type="checkbox" id="sidebar-toggle-anchor" class="hidden"> <!-- Hide / unhide sidebar before it is displayed --> <script> var body = document.querySelector('body'); var sidebar = null; var sidebar_toggle = document.getElementById("sidebar-toggle-anchor"); if (document.body.clientWidth >= 1080) { try { sidebar = localStorage.getItem('mdbook-sidebar'); } catch (e) { } sidebar = sidebar || 'visible'; } else { sidebar = 'hidden'; } sidebar_toggle.checked = sidebar === 'visible'; body.classList.remove('sidebar-visible'); body.classList.add("sidebar-" + sidebar); </script> <nav id="sidebar" class="sidebar" aria-label="Table of contents"> <div class="sidebar-scrollbox"> <ol class="chapter"><li class="chapter-item expanded "><a href="Introduction.html" class="active"><strong aria-hidden="true">1.</strong> Introduction</a></li><li class="chapter-item expanded "><a href="manual/Installing.html"><strong aria-hidden="true">2.</strong> Installing</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="manual/Installing/Packages.html"><strong aria-hidden="true">2.1.</strong> Packages</a></li><li class="chapter-item expanded "><a href="manual/Installing/Docker.html"><strong aria-hidden="true">2.2.</strong> Docker</a></li><li class="chapter-item expanded "><a href="manual/Installing/Installing-from-source-Unix.html"><strong aria-hidden="true">2.3.</strong> Unix from source (v0.104+)</a></li><li class="chapter-item expanded "><a href="manual/Installing/Installing-from-source-Unix-old.html"><strong aria-hidden="true">2.4.</strong> Unix from source (v0.103-)</a></li><li class="chapter-item expanded "><a href="manual/Installing/Installing-from-source-Windows.html"><strong aria-hidden="true">2.5.</strong> Windows from source</a></li><li class="chapter-item expanded "><a href="manual/Installing/Community-projects.html"><strong aria-hidden="true">2.6.</strong> Community Projects</a></li><li class="chapter-item expanded "><a href="manual/Installing/Add-clamav-user.html"><strong aria-hidden="true">2.7.</strong> Add a service user account</a></li></ol></li><li class="chapter-item expanded "><a href="manual/Usage.html"><strong aria-hidden="true">3.</strong> Usage</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="manual/Usage/Configuration.html"><strong aria-hidden="true">3.1.</strong> Configuration</a></li><li class="chapter-item expanded "><a href="manual/Usage/SignatureManagement.html"><strong aria-hidden="true">3.2.</strong> Updating Signature Databases</a></li><li class="chapter-item expanded "><a href="manual/Usage/Scanning.html"><strong aria-hidden="true">3.3.</strong> Scanning</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="manual/OnAccess.html"><strong aria-hidden="true">3.3.1.</strong> On-Access Scanning</a></li></ol></li><li class="chapter-item expanded "><a href="manual/Usage/Services.html"><strong aria-hidden="true">3.4.</strong> Running ClamAV Services</a></li><li class="chapter-item expanded "><a href="manual/Usage/ReportABug.html"><strong aria-hidden="true">3.5.</strong> Report a Bug</a></li></ol></li><li class="chapter-item expanded "><a href="manual/Signatures.html"><strong aria-hidden="true">4.</strong> Signatures</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="manual/Signatures/DatabaseInfo.html"><strong aria-hidden="true">4.1.</strong> CVD Info File</a></li><li class="chapter-item expanded "><a href="manual/Signatures/DynamicConfig.html"><strong aria-hidden="true">4.2.</strong> Dynamic Configuration Settings</a></li><li class="chapter-item expanded "><a href="manual/Signatures/AuthenticodeRules.html"><strong aria-hidden="true">4.3.</strong> Trusted and Revoked EXE Certificates</a></li><li class="chapter-item expanded "><a href="manual/Signatures/FileTypeMagic.html"><strong aria-hidden="true">4.4.</strong> File Type Recognition</a></li><li class="chapter-item expanded "><a href="manual/Signatures/AllowLists.html"><strong aria-hidden="true">4.5.</strong> Allow Lists</a></li><li class="chapter-item expanded "><a href="manual/Signatures/HashSignatures.html"><strong aria-hidden="true">4.6.</strong> Hash-based Signatures</a></li><li class="chapter-item expanded "><a href="manual/Signatures/BodySignatureFormat.html"><strong aria-hidden="true">4.7.</strong> Content-based Signature Format</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="manual/Signatures/LogicalSignatures.html"><strong aria-hidden="true">4.7.1.</strong> Logical Signatures</a></li><li class="chapter-item expanded "><a href="manual/Signatures/ExtendedSignatures.html"><strong aria-hidden="true">4.7.2.</strong> Extended Signatures</a></li></ol></li><li class="chapter-item expanded "><a href="manual/Signatures/YaraRules.html"><strong aria-hidden="true">4.8.</strong> YARA Rules</a></li><li class="chapter-item expanded "><a href="manual/Signatures/PhishSigs.html"><strong aria-hidden="true">4.9.</strong> Phishing Signatures</a></li><li class="chapter-item expanded "><a href="manual/Signatures/BytecodeSignatures.html"><strong aria-hidden="true">4.10.</strong> Bytecode Signatures</a></li><li class="chapter-item expanded "><a href="manual/Signatures/ContainerMetadata.html"><strong aria-hidden="true">4.11.</strong> Container Metadata Signatures</a></li><li class="chapter-item expanded "><a href="manual/Signatures/EncryptedArchives.html"><strong aria-hidden="true">4.12.</strong> Archive Passwords (experimental)</a></li><li class="chapter-item expanded "><a href="manual/Signatures/SignatureNames.html"><strong aria-hidden="true">4.13.</strong> Signature Names</a></li></ol></li><li class="chapter-item expanded "><a href="manual/Development.html"><strong aria-hidden="true">5.</strong> For Developers</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="manual/Development/github-pr-basics.html"><strong aria-hidden="true">5.1.</strong> Pull Request Basics</a></li><li class="chapter-item expanded "><a href="manual/Development/clamav-git-work-flow.html"><strong aria-hidden="true">5.2.</strong> ClamAV Git Work Flow</a></li><li class="chapter-item expanded "><a href="manual/Development/personal-forks.html"><strong aria-hidden="true">5.3.</strong> Working with Your Fork</a></li><li class="chapter-item expanded "><a href="manual/Development/testing-pull-requests.html"><strong aria-hidden="true">5.4.</strong> Reviewing Pull Requests</a></li><li class="chapter-item expanded "><a href="manual/Development/development-builds.html"><strong aria-hidden="true">5.5.</strong> Building for Development</a></li><li class="chapter-item expanded "><a href="manual/Development/build-installer-packages.html"><strong aria-hidden="true">5.6.</strong> Building the Installer Packages</a></li><li class="chapter-item expanded "><a href="manual/Development/tips-and-tricks.html"><strong aria-hidden="true">5.7.</strong> Dev Tips & Tricks</a></li><li class="chapter-item expanded "><a href="manual/Development/performance-profiling.html"><strong aria-hidden="true">5.8.</strong> Performance Profiling</a></li><li class="chapter-item expanded "><a href="manual/Development/code-coverage.html"><strong aria-hidden="true">5.9.</strong> Computing Code Coverage</a></li><li class="chapter-item expanded "><a href="manual/Development/fuzzing-sanitizers.html"><strong aria-hidden="true">5.10.</strong> Fuzzing Sanitizers</a></li><li class="chapter-item expanded "><a href="manual/Development/libclamav.html"><strong aria-hidden="true">5.11.</strong> libclamav</a></li><li class="chapter-item expanded "><a href="manual/Development/Contribute.html"><strong aria-hidden="true">5.12.</strong> Contribute</a></li></ol></li><li class="chapter-item expanded "><a href="faq/faq.html"><strong aria-hidden="true">6.</strong> Frequently Asked Questions</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="faq/faq-whichversion.html"><strong aria-hidden="true">6.1.</strong> Selecting the Right Version of ClamAV for You</a></li><li class="chapter-item expanded "><a href="faq/faq-freshclam.html"><strong aria-hidden="true">6.2.</strong> FreshClam (Signature Updater)</a></li><li class="chapter-item expanded "><a href="faq/faq-cvd.html"><strong aria-hidden="true">6.3.</strong> Signature Database (CVD)</a></li><li class="chapter-item expanded "><a href="faq/faq-malware-fp-reports.html"><strong aria-hidden="true">6.4.</strong> Malware and False Positive Report</a></li><li class="chapter-item expanded "><a href="faq/faq-misc.html"><strong aria-hidden="true">6.5.</strong> Misc</a></li><li class="chapter-item expanded "><a href="faq/faq-ml.html"><strong aria-hidden="true">6.6.</strong> Mailing Lists</a></li><li class="chapter-item expanded "><a href="faq/faq-safebrowsing.html"><strong aria-hidden="true">6.7.</strong> Safe Browsing</a></li><li class="chapter-item expanded "><a href="faq/faq-troubleshoot.html"><strong aria-hidden="true">6.8.</strong> Troubleshooting</a></li><li class="chapter-item expanded "><a href="faq/faq-scan-alerts.html"><strong aria-hidden="true">6.9.</strong> Interpreting Scan Alerts</a></li><li class="chapter-item expanded "><a href="faq/faq-upgrade.html"><strong aria-hidden="true">6.10.</strong> Upgrading</a></li><li class="chapter-item expanded "><a href="faq/faq-rust.html"><strong aria-hidden="true">6.11.</strong> Rust</a></li><li class="chapter-item expanded "><a href="faq/faq-win32.html"><strong aria-hidden="true">6.12.</strong> Win32</a></li><li class="chapter-item expanded "><a href="faq/faq-pua.html"><strong aria-hidden="true">6.13.</strong> PUA (Potentially Unwanted Application)</a></li><li class="chapter-item expanded "><a href="faq/faq-ignore.html"><strong aria-hidden="true">6.14.</strong> Ignore</a></li><li class="chapter-item expanded "><a href="faq/faq-uninstall.html"><strong aria-hidden="true">6.15.</strong> Uninstall</a></li><li class="chapter-item expanded "><a href="faq/faq-eol.html"><strong aria-hidden="true">6.16.</strong> ClamAV EOL Policy</a></li></ol></li><li class="chapter-item expanded "><li class="spacer"></li><li class="chapter-item expanded "><a href="community_resources/CommunityResources.html"><strong aria-hidden="true">7.</strong> Community Resources</a></li><li class="chapter-item expanded affix "><li class="spacer"></li><li class="chapter-item expanded "><a href="appendix/Appendix.html"><strong aria-hidden="true">8.</strong> Appendix</a></li><li><ol class="section"><li class="chapter-item expanded "><a href="appendix/Terminology.html"><strong aria-hidden="true">8.1.</strong> Terminology</a></li><li class="chapter-item expanded "><a href="appendix/CvdPrivateMirror.html"><strong aria-hidden="true">8.2.</strong> Hosting a Private Database Mirror</a></li><li class="chapter-item expanded "><a href="appendix/Authenticode.html"><strong aria-hidden="true">8.3.</strong> Microsoft Authenticode Signature Verification</a></li><li class="chapter-item expanded "><a href="appendix/FileTypes.html"><strong aria-hidden="true">8.4.</strong> ClamAV File Types and Target Types</a></li><li class="chapter-item expanded "><a href="appendix/FunctionalityLevels.html"><strong aria-hidden="true">8.5.</strong> ClamAV Versions and Functionality Levels</a></li></ol></li></ol> </div> <div id="sidebar-resize-handle" class="sidebar-resize-handle"></div> </nav> <!-- Track and set sidebar scroll position --> <script> var sidebarScrollbox = document.querySelector('#sidebar .sidebar-scrollbox'); sidebarScrollbox.addEventListener('click', function (e) { if (e.target.tagName === 'A') { sessionStorage.setItem('sidebar-scroll', sidebarScrollbox.scrollTop); } }, { passive: true }); var sidebarScrollTop = sessionStorage.getItem('sidebar-scroll'); sessionStorage.removeItem('sidebar-scroll'); if (sidebarScrollTop) { // preserve sidebar scroll position when navigating via links within sidebar sidebarScrollbox.scrollTop = sidebarScrollTop; } else { // scroll sidebar to current active section when navigating via "next/previous chapter" buttons var activeSection = document.querySelector('#sidebar .active'); if (activeSection) { activeSection.scrollIntoView({ block: 'center' }); } } </script> <div id="page-wrapper" class="page-wrapper"> <div class="page"> <div id="menu-bar-hover-placeholder"></div> <div id="menu-bar" class="menu-bar sticky"> <div class="left-buttons"> <label id="sidebar-toggle" class="icon-button" for="sidebar-toggle-anchor" title="Toggle Table of Contents" aria-label="Toggle Table of Contents" aria-controls="sidebar"> <i class="fa fa-bars"></i> </label> <button id="theme-toggle" class="icon-button" type="button" title="Change theme" aria-label="Change theme" aria-haspopup="true" aria-expanded="false" aria-controls="theme-list"> <i class="fa fa-paint-brush"></i> </button> <ul id="theme-list" class="theme-popup" aria-label="Themes" role="menu"> <li role="none"><button role="menuitem" class="theme" id="clamav">Dark</button></li> <li role="none"><button role="menuitem" class="theme" id="clamav_light">Light</button></li> </ul> <button id="search-toggle" class="icon-button" type="button" title="Search. (Shortkey: s)" aria-label="Toggle Searchbar" aria-expanded="false" aria-keyshortcuts="S" aria-controls="searchbar"> <i class="fa fa-search"></i> </button> </div> <h1 class="menu-title">ClamAV Documentation</h1> <div class="right-buttons"> <a href="print.html" title="Print this book" aria-label="Print this book"> <i id="print-button" class="fa fa-print"></i> </a> </div> </div> <div id="search-wrapper" class="hidden"> <form id="searchbar-outer" class="searchbar-outer"> <input type="search" id="searchbar" name="searchbar" placeholder="Search this book ..." aria-controls="searchresults-outer" aria-describedby="searchresults-header"> </form> <div id="searchresults-outer" class="searchresults-outer hidden"> <div id="searchresults-header" class="searchresults-header"></div> <ul id="searchresults"> </ul> </div> </div> <!-- Apply ARIA attributes after the sidebar and the sidebar toggle button are added to the DOM --> <script> document.getElementById('sidebar-toggle').setAttribute('aria-expanded', sidebar === 'visible'); document.getElementById('sidebar').setAttribute('aria-hidden', sidebar !== 'visible'); Array.from(document.querySelectorAll('#sidebar a')).forEach(function (link) { link.setAttribute('tabIndex', sidebar === 'visible' ? 0 : -1); }); </script> <div id="content" class="content"> <main> <h1 id="clamav"><a class="header" href="#clamav">ClamAV</a></h1> <p align="center"> <a href="https://www.clamav.net/"> <img align="center" width="250" height="250" src="https://raw.githubusercontent.com/micahsnyder/clamav-documentation/main/src/images/logo.png" alt='Maeve, the ClamAV mascot'> </a> </p> <p>ClamAV is an open source (GPLv2) anti-virus toolkit, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.</p> <blockquote> <p><em>Tip</em>: ClamAV is not a traditional anti-virus or endpoint security suite. For a fully featured modern endpoint security suite, check out <em>Cisco Secure Endpoint</em>. See <a href="#related-products">"related products"</a>, below, for more details.</p> </blockquote> <p>ClamAV is brought to you by Cisco Systems, Inc.</p> <h2 id="community-projects"><a class="header" href="#community-projects">Community Projects</a></h2> <p>ClamAV has a diverse ecosystem of <a href="manual/Installing/Community-projects.html">community projects, products, and other tools</a> that either depend on ClamAV to provide malware detection capabilities or supplement ClamAV with new features such as improved support for 3rd party signature databases, graphical user interfaces (GUI), and more.</p> <h2 id="features"><a class="header" href="#features">Features</a></h2> <ul> <li>ClamAV is designed to scan files quickly.</li> <li>Real time protection (Linux only). The ClamOnAcc client for the ClamD scanning daemon provides on-access scanning on modern versions of Linux. This includes an optional capability to block file access until a file has been scanned (on-access prevention).</li> <li>ClamAV detects millions of viruses, worms, trojans, and other malware, including Microsoft Office macro viruses, mobile malware, and other threats.</li> <li>ClamAV's bytecode signature runtime, powered by either LLVM or our custom bytecode interpreter, allows the ClamAV signature writers to create and distribute very complex detection routines and remotely enhance the scanner’s functionality.</li> <li>Signed signature databases ensure that ClamAV will only execute trusted signature definitions.</li> <li>ClamAV scans within archives and compressed files but also protects against archive bombs. Built-in archive extraction capabilities include: <ul> <li>Zip (including SFX, excluding some newer or more complex extensions)</li> <li>RAR (including SFX, most versions)</li> <li>7Zip</li> <li>ARJ (including SFX)</li> <li>Tar</li> <li>CPIO</li> <li>Gzip</li> <li>Bzip2</li> <li>DMG</li> <li>IMG</li> <li>ISO 9660</li> <li>PKG</li> <li>HFS+ partition</li> <li>HFSX partition</li> <li>APM disk image</li> <li>GPT disk image</li> <li>MBR disk image</li> <li>XAR</li> <li>XZ</li> <li>Microsoft OLE2 (Office documments)</li> <li>Microsoft OOXML (Office documments)</li> <li>Microsoft Cabinet Files (including SFX)</li> <li>Microsoft CHM (Compiled HTML)</li> <li>Microsoft SZDD compression format</li> <li>HWP (Hangul Word Processor documents)</li> <li>BinHex</li> <li>SIS (SymbianOS packages)</li> <li>AutoIt</li> <li>InstallShield</li> <li>ESTsoft EGG</li> </ul> </li> <li>Supports Windows executable file parsing, also known as Portable Executables (PE) both 32/64-bit, including PE files that are compressed or obfuscated with: <ul> <li>AsPack</li> <li>UPX</li> <li>FSG</li> <li>Petite</li> <li>PeSpin</li> <li>NsPack</li> <li>wwpack32</li> <li>MEW</li> <li>Upack</li> <li>Y0da Cryptor</li> </ul> </li> <li>Supports ELF and Mach-O files (both 32 and 64-bit)</li> <li>Supports almost all mail file formats</li> <li>Support for other special files/formats includes: <ul> <li>HTML</li> <li>RTF</li> <li>PDF</li> <li>Files encrypted with CryptFF and ScrEnc</li> <li>uuencode</li> <li>TNEF (winmail.dat)</li> </ul> </li> <li>Advanced database updater with support for scripted updates, digital signatures and DNS based database version queries</li> </ul> <blockquote> <p><em>Disclaimer</em>: Many of the above file formats continue to evolve. Executable packing and obfuscation tools in particular are constantly changing. We cannot guarantee that we can unpack or extract every version or variant of the listed formats.</p> </blockquote> <h2 id="license"><a class="header" href="#license">License</a></h2> <p>ClamAV is licensed under the GNU General Public License, Version 2.</p> <h2 id="supported-platforms"><a class="header" href="#supported-platforms">Supported platforms</a></h2> <p>Clam AntiVirus is highly cross-platform. The development team cannot test every OS, so we have chosen to test ClamAV using the two most recent Long Term Support (LTS) versions of each of the most popular desktop operating systems. Our regularly tested operating systems include:</p> <ul> <li>GNU/Linux <ul> <li>Alpine <ul> <li>3.17 (x86_64)</li> </ul> </li> <li>Ubuntu <ul> <li>18.04 (x86_64, i386)</li> <li>20.04 (x86_64)</li> </ul> </li> <li>Debian <ul> <li>10 (x86_64, i386)</li> <li>11 (x86_64, i386)</li> </ul> </li> <li>CentOS <ul> <li>7 (x86_64, i386)</li> </ul> </li> <li>Fedora <ul> <li>31 (x86_64)</li> <li>33 (x86_64)</li> </ul> </li> <li>openSUSE <ul> <li>15 Leap (x86_64)</li> </ul> </li> </ul> </li> <li>UNIX <ul> <li>FreeBSD <ul> <li>12 (x86_64)</li> <li>13 (x86_64)</li> </ul> </li> <li>macOS <ul> <li>10.13 High Sierra (Intel x86_64)</li> <li>10.15 Catalina (Intel x86_64)</li> <li>11.5 Big Sur (Intel x86_64, arm64 Apple M1)</li> </ul> </li> </ul> </li> <li>Windows <ul> <li>7 (x86_64, i386)</li> <li>10 (x86_64, i386)</li> </ul> </li> </ul> <blockquote> <p><em>Disclaimer</em>: Platforms and operating systems other than the ones above are not as well tested by the ClamAV development team. In particular, uncommon operating systems such as HP-UX and Solaris, and uncommon processor architectures such as sparc64, armhf, pp64le, etc. are not supported.</p> <p>You are welcome to report bugs and contribute bug fixes for unsupported platforms. We may be unable to verify that a platform-specific bug-fix is resolves an issue. But provided that a contributed fix appears technically sound, and does not cause other issues, we will be happy to merge it.</p> </blockquote> <h2 id="recommended-system-requirements"><a class="header" href="#recommended-system-requirements">Recommended System Requirements</a></h2> <p>The following minimum recommended system requirements are for using ClamScan or ClamD applications with the standard ClamAV signature database provided by Cisco.</p> <p>Minimum recommended RAM for ClamAV:</p> <ul> <li>FreeBSD and Linux server edition: 3 GiB+</li> <li>Linux non-server edition: 3 GiB+</li> <li>Windows 7 & 10 32-bit: 3 GiB+</li> <li>Windows 7 & 10 64-bit: 3 GiB+</li> <li>macOS: 3 GiB+</li> </ul> <blockquote> <p><em>Tip</em>: Server environments, like Docker, as well as and embedded runtime environments are often resource constrained. We recommend at 3-4 GiB of RAM, but you may get by with less if you're willing to accept some limitations. You can find <a href="manual/Installing/Docker.html#memory-ram-requirements">more information here</a>.</p> </blockquote> <p>Minimum recommended CPU for ClamAV:</p> <ul> <li>1 CPU at 2.0 Ghz+</li> </ul> <p>Minimum available hard disk space required:</p> <p>For the ClamAV application we recommend having 5 GiB of free space available. This recommendation is in addition to the recommended disk space for each OS.</p> <blockquote> <p><em>Note</em>: The tests to determine these minimum requirements were performed on systems that were not running other applications. If other applications are being run on the system, additional resources will be required in addition to our recommended minimums.</p> </blockquote> <h2 id="mailing-lists-and-chat"><a class="header" href="#mailing-lists-and-chat">Mailing Lists and Chat</a></h2> <h3 id="mailing-lists"><a class="header" href="#mailing-lists">Mailing Lists</a></h3> <p>If you have a trouble installing or using ClamAV try asking on our mailing lists. There are four lists available:</p> <ul> <li><strong>clamav-announce (at) lists.clamav.net</strong> <ul> <li>info about new versions, moderated.</li> <li>Subscribers are not allowed to post to this mailing list.</li> </ul> </li> <li><strong>clamav-users (at) lists.clamav.net</strong> <ul> <li>user questions</li> </ul> </li> <li><strong>clamav-devel (at) lists.clamav.net</strong> <ul> <li>technical discussions</li> </ul> </li> <li><strong>clamav-virusdb (at) lists.clamav.net</strong> <ul> <li>database update announcements, moderated</li> </ul> </li> </ul> <p>You can subscribe and search the mailing list archives <a href="https://www.clamav.net/contact.html#ml">here</a>.</p> <p><strong>To unsubscribe</strong>: Use the same form page that you used when you subscribed. Search at the bottom for "unsubscribe".</p> <p><em>IMPORTANT</em>: When you subscribe or unsubscribe, you will receive a confirmation email with a link that you must click on or else no action will occur. If you did not receive the confirmation email, check your spam folder.</p> <h3 id="chat"><a class="header" href="#chat">Chat</a></h3> <p>You can join the community on our <a href="https://discord.gg/6vNAqWnVgw">ClamAV Discord chat server</a>.</p> <h2 id="submitting-new-or-otherwise-undetected-malware"><a class="header" href="#submitting-new-or-otherwise-undetected-malware">Submitting New or Otherwise Undetected Malware</a></h2> <p>If you've got a virus which is not detected by the current version of ClamAV using the latest signature databases, please submit the sample for review at our website:</p> <p><a href="https://www.clamav.net/reports/malware">https://www.clamav.net/reports/malware</a></p> <p>Likewise, if you have a benign file that is flagging as a virus and you wish to report a False Positive, please submit the sample for review at our website:</p> <p><a href="https://www.clamav.net/reports/fp">https://www.clamav.net/reports/fp</a></p> <p>If you have questions about the submission process, please read the <a href="faq/faq-malware-fp-reports.html">Malware and False Positive Report FAQ</a></p> <p>How long does it take for a signature change after submitting new malware or submitting a false positive report?</p> <blockquote> <p>In most cases, it takes at least 48 hours from initial submission before any change will be published in the official ClamAV signature databases.</p> </blockquote> <p>Who analyzes malware and false positive file uploads?</p> <blockquote> <p>Given the volume of submissions, the vast majority of files are handled by automation.</p> </blockquote> <p>Who has access to the uploaded files?</p> <blockquote> <p>All engineers and analysts within Cisco's Talos organization have access to the files.</p> </blockquote> <p>Are malware or false positive file uploads shared with other companies?</p> <blockquote> <p>No. Files that are submitted for review through the ClamAV Malware and False Positive web forms (or the clamsubmit tool), are not shared outside of Cisco. However, sample sharing is fair game if we've already received the same file from a different source (VirusTotal, Cisco SMA, various feeds, etc.).</p> </blockquote> <p>Are the files deleted after the analysis?</p> <blockquote> <p>No. Uploaded files are kept indefinitely.</p> </blockquote> <p>Is the file accessible using a public URL at any point in this process?</p> <blockquote> <p>No. Uploaded files are not accessible using a public URL. They are processed internally and kept internal to Cisco Talos.</p> </blockquote> <h2 id="related-products"><a class="header" href="#related-products">Related Products</a></h2> <p><a href="https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html">Cisco Secure Endpoint</a> (formerly AMP for Endpoints) is Cisco's cloud-based security suite for commercial and enterprise customers. Secure Endpoint is available for Windows, Linux, and macOS and provides superior malware detection capabilities, behavioral monitoring, dynamic file analysis, endpoint isolation, analytics, and threat hunting. Secure Endpoint sports a modern administrative web interface (dashboard).</p> <p align="center"> <a href="https://www.cisco.com/"> <img align="center" img width="80" src="https://raw.githubusercontent.com/micahsnyder/clamav-documentation/main/src/images/cisco.png" alt='Cisco Systems, Inc'> </a> </p> </main> <nav class="nav-wrapper" aria-label="Page navigation"> <!-- Mobile navigation buttons --> <a rel="next prefetch" href="manual/Installing.html" class="mobile-nav-chapters next" title="Next chapter" aria-label="Next chapter" aria-keyshortcuts="Right"> <i class="fa fa-angle-right"></i> </a> <div style="clear: both"></div> </nav> </div> </div> <nav class="nav-wide-wrapper" aria-label="Page navigation"> <a rel="next prefetch" href="manual/Installing.html" class="nav-chapters next" title="Next chapter" aria-label="Next chapter" aria-keyshortcuts="Right"> <i class="fa fa-angle-right"></i> </a> </nav> </div> <script> window.playground_line_numbers = true; </script> <script> window.playground_copyable = true; </script> <script src="ace.js"></script> <script src="editor.js"></script> <script src="mode-rust.js"></script> <script src="theme-dawn.js"></script> <script src="theme-tomorrow_night.js"></script> <script src="elasticlunr.min.js"></script> <script src="mark.min.js"></script> <script src="searcher.js"></script> <script src="clipboard.min.js"></script> <script src="highlight.js"></script> <script src="book.js"></script> <!-- Custom JS scripts --> </div> </body> </html>