Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
ClamAV
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Effectiveness == In the 2008 [[AV-TEST]] comparison of antivirus tools, ClamAV scored poorly in on-demand detection, avoiding false positives, and rootkit detection.<ref>{{cite web |url=http://blogs.pcmag.com/securitywatch/Results-2008q1.htm |title=Anti-virus comparison test of current anti-malware products, Q1/2008 |publisher=AV-Test GmbH |date=22 January 2008 |access-date=12 February 2008 |archive-url = https://web.archive.org/web/20110715060200/http://blogs.pcmag.com/securitywatch/Results-2008q1.htm |archive-date = 15 July 2011}}</ref> In a Shadowserver six-month test between June and December 2011, ClamAV detected over 75.45% of all viruses tested, putting it in fifth place behind AhnLab, Avira, BitDefender and Avast. AhnLab, the top antivirus, detected 80.28%.<ref>{{cite web |url=http://www.shadowserver.org/wiki/pmwiki.php/AV/Virus180-DayStats |title=ShadowServer 180 Day Stats |publisher=shadowserver.org |date=2011-08-16 |access-date=2011-12-16 |archive-url=https://web.archive.org/web/20111127145417/http://www.shadowserver.org/wiki/pmwiki.php/AV/Virus180-DayStats |archive-date=2011-11-27 |url-status=dead }}</ref> In 2022 [[Splunk]] conducted an efficacy study involving 416,561 malware samples sourced from [[MalwareBazaar]], bucketed as follows: 106135 Banking Trojans (trojans targeted towards stealing financial information); 26875 Botnets (malware for making the victim a part of a botnet); 190371 Information Stealers (programs designed to steal client information. E.g. Keyloggers); 52422 Loaders (program that loads one or more other malicious programs β that is, a stager that fetches harmful things directly into memory); 1321 Miners (crypto currency miners); 30251 RATs (Remote access tools. E.g. Backdoors); and 8273 Trojans (a generic multipurpose malware that harms the user in different ways β generally disguises itself and delivered by tricking the user). Splunk's study concluded ClamAV was 59.94% effective overall at detecting commodity malware β being able to detect 249,696/416,561 samples.<ref>{{Cite web|url=https://www.splunk.com/en_us/blog/security/how-good-is-clamav-at-detecting-commodity-malware.html|title=How Good is ClamAV at Detecting Commodity Malware?|website=Splunk-Blogs}}</ref> In that same study, ClamAV performed relatively well at detecting certain types of malware in certain types of files (E.g. DOCX files, DIL files, ELF files, DOC files and EXE files), but was less effective in detecting malware in JAR files, JS files, VBS files, Z files, RAR files, and XLSB files. In addition, ClamAV performed well in detecting a few top level categories of malware like Trojans & Botnets but performed poorly on other malware types like Crypto Miners, RATs and Info Stealers.<ref>{{Cite web|url=https://www.splunk.com/en_us/blog/security/how-good-is-clamav-at-detecting-commodity-malware.html|title=How Good is ClamAV at Detecting Commodity Malware?|website=Splunk-Blogs}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)