About ClamAV®


ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats. The core ClamAV library is utilized in Immunet 3.0, powered by ClamAV, which is a fast, fully featured Desktop AV solution for Windows.


Latest Stable Release


Latest ClamAV® stable release is: 0.97.8
Windows Antivirus - Immunet 3.0, powered by ClamAV (Learn more) Download now
ClamAV Virus Databases:
main.cvd ver. 54 released on 11 Oct 2011 10:34 :0400 (sig count: 1044387)
daily.cvd ver. 17267 released on 24 May 2013 12:23 :0400 (sig count: 1298088)
bytecode.cvd ver. 214 released on 13 Feb 2013 10:29 :0500 (sig count: 41)
safebrowsing.cvd ver. 40602 released on 23 May 2013 16:00 :0400 (sig count: 1264797)


Latest Development Release (Release Candidates)


There are no Release Candidates currently planned.


News


Post-Mortem Analysis Of Virus Database Push Issues

February 25th, 2013 Posted by - jesler

On Thursday, 14 Feb 2013, in preparation for the coming ClamAV 0.98 release, a new database was scheduled to be made available to users. We had a set of issues while performing this upgrade, and we feel that it is appropriate to let our users and mirror providers know what happened, what has done to fix the issues, and what is being done to prevent these issues from happening again.

So first, What Happened?



  1. 14 Feb (Read more...)

Authenticode Certificate Chain Verification

February 16th, 2013 Posted by - jesler

Introduction


Microsoft introduced digitally signing PE object files (authenticode) in Windows 98. Hardware drivers eligible for the Windows Logo Program are required to contain a valid authenticode signature. Since then, Microsoft has expanded the program to executable object files (EXEs) and DLLs.

Microsoft has its own public key infrastructure (PKI). There are four trusted root certificate authorities: two by Microsoft, Thawte, and Verisign. Microsoft’s own executables for Windows are signed.

(Read more...)

Contribute signatures to ClamAV

November 29th, 2012 Posted by -

Back in February, Joel Esler who is our Open Source Community Manager, explained how you could contribute rules to Snort. We just wanted to let you know that the VRT is seeking and accepting your contribution on the ClamAV side as well.


One of the best features of ClamAV is the openness of the signatures database. There are very few anti-malware products out there that will allow you see exactly how a signature is constructed and let you use your (Read more...)

ClamAV Updates

November 15th, 2012 Posted by -

Everyone,

This is to let everyone know that due to some scheduled maintenance, no updates for ClamAV’s signature set will be published between the End of Day Eastern Standard Time on Thursday through Friday morning.

Normal updates and operation should resume Friday morning.

Thank you.

Open Source Antivirus: ClamAV by Dejan Lukan

October 10th, 2012 Posted by -

For someone just getting started with ClamAV, I noticed this easy to read and understand blog post here.  If you know someone who is just getting started with ClamAV, or you yourself came to this blog looking to get started.  Check that blog post out!