About ClamAV®


Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.(Read more...)


IMPORTANT ANNOUNCEMENT


On 15 April 2010 all ClamAV installations older than 0.95 will be disabled. See http://www.clamav.net/eol-clamav-094/ for more details.


Latest Stable Release


Latest ClamAV® stable release is: 0.96.1
ClamAV for Windows now available! (Learn more) Download now
Total number of signatures: 813583
ClamAV Virus Databases:
main.cvd ver. 52 released on 15 Feb 2010 09:54 :0500
daily.cvd ver. 11466 released on 31 Jul 2010 18:03 :0400


Latest Development Release (Release Candidates)


There are no Release Candidates currently planned.


News


DojoSec June briefings

May 17th, 2009 Posted by - webmaster

Alain Zidouemba will give a talk at DojoSec on the topic: What to do with the unknown.
Here are the meeting details:
Date: June 4, 2009 (Read more...)

ClamAV Users’ Webcast

February 9th, 2009 Posted by - webmaster

The next ClamAV® Users’ Webcast will be on Wed 4th March at 1800UTC: 10 AM PST, 1 PM EST, 6 PM GMT, 7 PM CEST. The talk, given by Alain Zidouemba of Sourcefire will be an introduction to writing ClamAV Signatures. The talk will cover about an hour. The talk will be technically advanced, and is aimed toward Systems Administrators and developers.

Abstract

ClamAV is an open source anti-virus toolkit for UNIX systems. The main purpose of this software lies (Read more...)

Conficker aka Downadup

January 29th, 2009 Posted by - webmaster

Some of you may have heard of a current major outbreak of a virus known as Downadup that has been reported at http://news.bbc.co.uk/1/hi/technology/7842013.stm and http://news.bbc.co.uk/1/hi/technology/7832652.stm. It has been estimated that move than 9 million PCs are infected across the world.

ClamAV detects Downadup, also known as Conficker, as Worm.Downadup. Once on a system it downloads components that ClamAV detects as members of the Trojan.Downloader- family of signatures.

The virus primarily exploits MS08-067; it can also spread through USB sticks. Since the virus is not spread by email we don’t expect to see much activity in our core user-base, which tends to use ClamAV to scan emails. We are, nevertheless, keeping an eye out for it through freshclam’s statistics gathering system – we are yet to see any obvious spike of activity from it. If we hear anything we’ll let you know.

500,000 Signatures and Counting

January 27th, 2009 Posted by - webmaster

Today, 27th January 2009, ClamAV’s signature team investigated and identified Trojan.Agent-70954, the 500,000th entry in its database. Well done to all the team for working so hard to produce a quality database.
From time to time we are asked to keep the size of the database down by trimming old signatures; but, as the statistics-gathering program has shown, old viruses never die. SomeFool (a.k.a Netsky) is still alive and kicking 5 years after the ClamAV team spotted the first variants! Today two variants of that virus are in the top 10 most active malware amongst our users that send us statistics.

ClamAV twitter feed available

November 10th, 2008 Posted by - webmaster

Notifications of ClamAV signature updates are now available via our
Twitter feed at http://twitter.com/clamav. The notifications include information about the number of signatures added and the total number of signatures in the ClamAV database.
We hope to include other information on that feed later so please feel free to let us know (Read more...)