Editing ClamAV

{{Short description|Open-source antivirus software}}
{{Infobox software
| name = ClamAV
| logo = New ClamAV Logo.svg
| screenshot = ClamAV0.95.2.png
| caption = Clam AV 0.95.2, running a definition update, scanning a file and identifying a [[Trojan horse (computing)|Trojan]] from the command-line.
| author = Tomasz Kojm
| developer = [[Cisco Talos]]
| released = {{Start date and age|2002|05|08}}
| latest release version = {{wikidata|property|preferred|references|edit|Q852000|P348|P548=Q2804309}}
| latest release date = {{wikidata|qualifier|preferred|single|Q852000|P348|P548=Q2804309|P577}}
| latest preview version = {{wikidata|property|preferred|references|edit|Q852000|P348|P548=Q51930650}}
| latest preview date = {{wikidata|qualifier|preferred|single|Q852000|P348|P548=Q51930650|P577}}
| programming language = [[C (programming language)|C]], [[C++]]
| operating system = [[Unix]], [[IBM AIX|AIX]], [[Berkeley Software Distribution|BSD]], [[HP-UX]], [[Linux]], [[macOS]], [[OpenVMS]], [[Tru64 UNIX]], [[Windows]], [[Haiku (operating system)|Haiku]]
| genre = [[Antivirus software]]
| license = [[GNU General Public License|GPL-2.0-only]]
| website = {{URL|https://www.clamav.net}}<!--"www" part is mandatory-->
}}

'''ClamAV''' ('''Clam AntiVirus''') is a [[free software]], cross-platform [[Antivirus software|antimalware toolkit]] able to detect many types of malware, including [[computer virus|viruses]]. It was developed for [[Unix]] and has third party versions available for [[IBM AIX|AIX]], [[Berkeley Software Distribution|BSD]], [[HP-UX]], [[Linux]], [[macOS]], [[OpenVMS]], [[Tru64 UNIX|OSF]] (Tru64), [[Solaris (operating system)|Solaris]] and [[Haiku (operating system)|Haiku]]. As of version 0.97.5, ClamAV builds and runs on [[Microsoft Windows]].<ref name="ClamAbout">{{cite web |url=http://www.clamav.net/about |title=About ClamAV |access-date=2008-12-25 |last=ClamAV |year=2007}}</ref><ref name="Ports">{{cite web |url=http://www.clamav.net/download/packages/ |title=ClamAV Packages and Ports |access-date=2008-12-31 |last=ClamAV |year=2007 |archive-url=https://web.archive.org/web/20080720205113/http://www.clamav.net/download/packages/ |archive-date=2008-07-20 |url-status=dead }}</ref> Both ClamAV and its updates are made available free of charge. One of its main uses is on [[Mail transfer agent|mail servers]] as a server-side [[email virus]] scanner. 

== History ==
ClamAV was initially released with version 0.10 on May 8, 2002, by Polish university student Tomasz Kojm.<ref name="clamav20">[https://blog.clamav.net/2022/05/celebrating-20-years-of-clamav.html Celebrating 20 years of ClamAV]</ref> In 2007, it was acquired by [[Sourcefire]],<ref name="techrepublic">[https://www.techrepublic.com/article/sourcefire-acquires-clamav/ Sourcefire acquires ClamAV]</ref> which in turn was acquired by [[Cisco]] in 2013<ref name="techcrunch">[https://techcrunch.com/2013/07/23/cisco-acquires-cybersecurity-company-sourcefire-for-2-7b/ Cisco Acquires Cybersecurity Company Sourcefire For $2.7B]</ref> and now operates under its [[Cisco Talos|Talos]] cybersecurity division.

=== Patent lawsuit ===
In 2008, [[Barracuda Networks]] was sued by [[Trend Micro]] for its distribution of ClamAV as part of a security package.<ref>{{cite web |url=http://www.linux.com/feature/126851 |title=Trend Micro patent claim provokes FOSS community, leads to boycott |publisher=Linux.com |date=2008-02-11 |access-date=2008-02-12}}</ref> Trend Micro claimed that Barracuda's utilization of ClamAV infringes on a [[software patent]] for filtering viruses on an [[Gateway (computer networking)|Internet gateway]]. The [[free software community]] responded in part by calling for a [[boycott]] against Trend Micro. The boycott was also endorsed by the [[Free Software Foundation]].<ref>{{cite web |url=http://www.fsf.org/blogs/community/boycottTrendMicro.html |title=Boycott Trend Micro |publisher=[[Free Software Foundation]] |date=2008-02-11 |access-date=2008-02-12}}</ref> Barracuda Networks counter-sued with IBM-obtained patents in July 2008.<ref>{{cite web|last=Paul |first=Ryan |url=https://arstechnica.com/open-source/news/2008/07/barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit.ars |title=Barracuda bites back at Trend Micro in ClamAV patent lawsuit |publisher=Arstechnica.com |date=2008-07-02 |access-date=2012-02-14}}</ref>  On May 19, 2011, the U.S. Patent and Trademark Office issued a Final Rejection{{clarify|what does this mean in non-legalese?|date=March 2025}}<ref>{{cite web | url=http://www.groklaw.net/pdf3/90011022-18.pdf | title=Ex Parte Reexamination | publisher=U.S. Patent and Trademark Office | date=2011-05-19 | access-date=2015-10-04}}</ref> in the reexamination of Trend Micro's U.S. patent 5,623,600.<ref>{{cite web | url=http://www.groklaw.net/article.php?story=20110613091958268 | title=Anatomy of a Dying Patent – The Reexamination of Trend Micro's '600 Patent | publisher=Groklaw.net | date=2011-06-13 | access-date=2015-10-04}}</ref>

== Features ==
ClamAV includes a command-line scanner, automatic database updater, and a scalable multi-threaded [[daemon (computer software)|daemon]] running on an anti-virus engine from a shared library.<ref name=ClamAbout/> The application features a [[Milter]] interface for sent mail and on-demand scanning. It recognizes:

* [[ZIP (file format)|ZIP]], [[RAR (file format)|RAR]], [[Tar (computing)|Tar]], [[Gzip]], [[Bzip2]], [[OLE2]], [[Cabinet (file format)|Cabinet]], [[Compiled HTML|CHM]], [[BinHex]], and [[SIS (file format)|SIS]] formats
* Most mail file formats
* [[Executable and Linkable Format|ELF]] and [[Portable Executable]] (PE) files compressed with [[UPX]], FSG, Petite, NsPack, wwpack32, MEW, and Upack, or obfuscated with SUE, Y0da Cryptor.
* [[Office Open XML file formats]], [[HTML]], [[Rich Text Format]] (RTF) and [[Portable Document Format]] (PDF).<ref name="ClamAbout" />

The ClamAV virus database is updated at least every four hours and as of 10 February 2017 contained over 5,760,000 virus signatures<ref>{{Cite web |title=Introduction – ClamAV Documentation |url=https://docs.clamav.net/ |access-date=2024-03-09 |website=docs.clamav.net}}</ref> with the daily update Virus DB number at 23040.<ref name="AboutClamAV">{{cite web |url=http://www.clamav.net/about/ |archive-url=https://web.archive.org/web/20081120213532/http://www.clamav.net./about |url-status=dead |archive-date=2008-11-20 |title=About ClamAV |access-date=2008-12-25}}</ref><ref name="ClamHome">{{cite web |url=http://www.clamav.net/lang/en/about/ |archive-url=https://web.archive.org/web/20100918141732/http://www.clamav.net/lang/en/about/ |url-status=dead |archive-date=2010-09-18 |title=Latest Stable Release |access-date=2010-08-21}}</ref>

=== Real-time file scanning ===
{{Update section|date=December 2023|reason=based on old versions}}
In older [[Linux]] application versions, ClamAV did support [[Real time protection|real-time protection]] via the [[Fanotify]] add-on for the Linux kernel (version 3.8 and later.)<ref>{{Cite web|url=https://blog.clamav.net/2016/03/configuring-on-access-scanning-in-clamav.html|title=Configuring On-Access Scanning in ClamAV|first=Mickey|last=Sola}}</ref> Alternatively, one could use ClamFS (for any [[Unix-like]] [[operating system]] supporting [[Filesystem in Userspace|FUSE]]).

Nowadays, the Real-Time Protection in Linux Systems, is provided through ClamAV's ClamOnAcc application (under the name of "''On-Access Scanning''") – which uses ''Clamd'' to provide real-time protection by scanning files when they are accessed.<ref name=":1">{{Cite web |title=Scanning – ClamAV Documentation |url=https://docs.clamav.net/manual/Usage/Scanning.html#on-access-scanning |access-date=2024-05-02 |website=docs.clamav.net}}</ref>

In other words, the ''On-Access Scanner'' can detect and prevent access to malicious files based on the verdict received from ''Clamd''.<ref name=":1" /> By default, it operates in "''notify-only mode''", alerting users of any threats detected without actively blocking file access.<ref name=":1" />

Enabling "''prevention mode''" can considerably impact performance, especially in commonly accessed directories, so it is advised to use it judiciously.<ref name=":1" />

In order to use ClamOnAcc, users need to first run clamd and then start the On-Access Scanner as root (to leverage its kernel event detection and intervention capabilities).<ref name=":1" />

Configuration for On-Access Scanning is primarily done through ''clamd.conf,'' with additional options available in the On-Access Scanning User Guide.<ref name=":1" />

Users can run multiple instances of ClamOnAcc simultaneously with different configurations, allowing for customized protection settings for various directories.<ref name=":1" />

''ClamOnAcc'' (v0.102+) is a client application that operates alongside clamd (the ClamAV daemon), to perform On-Access Scanning.<ref name=":1" />

Regarding previous versions that were meant for [[Microsoft Windows]], a free, open-source app called Clam Sentinel did use to detect file changes and scanned modified files using ClamWin.<ref>{{cite web | url=http://cyberpillar.com/dirsver/1/mainsite/techns/bhndscen/protsoft/antimalw/antivir/avmswin/clamwin/mkclmwrt/mkclmwrt.htm | title=Clam Sentinel – Making ClamWin Be Used In Real-Time | author=Cyber Pillar | access-date=2014-09-01 | archive-date=2014-08-19 | archive-url=https://web.archive.org/web/20140819161847/http://cyberpillar.com/dirsver/1/mainsite/techns/bhndscen/protsoft/antimalw/antivir/avmswin/clamwin/mkclmwrt/mkclmwrt.htm | url-status=dead }}</ref> It did work with Windows 98 and later. In addition to on-access scanning, it used to feature optional system change messages and proactive heuristic protection.<ref name="ClamSentinel">{{cite web|url=http://sourceforge.net/projects/clamsentinel/ |title=Clam Sentinel |access-date = 2014-06-19}}</ref>

== Effectiveness ==
In the 2008 [[AV-TEST]] comparison of antivirus tools, ClamAV scored poorly in on-demand detection, avoiding false positives, and rootkit detection.<ref>{{cite web |url=http://blogs.pcmag.com/securitywatch/Results-2008q1.htm |title=Anti-virus comparison test of current anti-malware products, Q1/2008 |publisher=AV-Test GmbH |date=22 January 2008 |access-date=12 February 2008 |archive-url = https://web.archive.org/web/20110715060200/http://blogs.pcmag.com/securitywatch/Results-2008q1.htm |archive-date = 15 July 2011}}</ref>

In a Shadowserver six-month test between June and December 2011, ClamAV detected over 75.45% of all viruses tested, putting it in fifth place behind AhnLab, Avira, BitDefender and Avast. AhnLab, the top antivirus, detected 80.28%.<ref>{{cite web |url=http://www.shadowserver.org/wiki/pmwiki.php/AV/Virus180-DayStats |title=ShadowServer 180 Day Stats |publisher=shadowserver.org |date=2011-08-16 |access-date=2011-12-16 |archive-url=https://web.archive.org/web/20111127145417/http://www.shadowserver.org/wiki/pmwiki.php/AV/Virus180-DayStats |archive-date=2011-11-27 |url-status=dead }}</ref>

In 2022 [[Splunk]] conducted an efficacy study involving 416,561 malware samples sourced from [[MalwareBazaar]], bucketed as follows: 106135 Banking Trojans (trojans targeted towards stealing financial information); 26875 Botnets (malware for making the victim a part of a botnet); 190371 Information Stealers (programs designed to steal client information. E.g. Keyloggers); 52422 Loaders (program that loads one or more other malicious programs – that is, a stager that fetches harmful things directly into memory); 1321 Miners (crypto currency miners); 30251 RATs (Remote access tools. E.g. Backdoors); and 8273 Trojans (a generic multipurpose malware that harms the user in different ways – generally disguises itself and delivered by tricking the user). Splunk's study concluded ClamAV was 59.94% effective overall at detecting commodity malware – being able to detect 249,696/416,561 samples.<ref>{{Cite web|url=https://www.splunk.com/en_us/blog/security/how-good-is-clamav-at-detecting-commodity-malware.html|title=How Good is ClamAV at Detecting Commodity Malware?|website=Splunk-Blogs}}</ref> 

In that same study, ClamAV performed relatively well at detecting certain types of malware in certain types of files (E.g. DOCX files, DIL files, ELF files, DOC files and EXE files), but was less effective in detecting malware in JAR files, JS files, VBS files, Z files, RAR files, and XLSB files. In addition, ClamAV performed well in detecting a few top level categories of malware like Trojans & Botnets but performed poorly on other malware types like Crypto Miners, RATs and Info Stealers.<ref>{{Cite web|url=https://www.splunk.com/en_us/blog/security/how-good-is-clamav-at-detecting-commodity-malware.html|title=How Good is ClamAV at Detecting Commodity Malware?|website=Splunk-Blogs}}</ref>

== Unofficial databases ==
The ClamAV engine can be reliably used to detect several kinds of malicious files.  In particular, some [[phishing]] emails can be detected using antivirus techniques.  However, false positive rates are inherently higher than those of traditional malware detection.<ref>{{cite web |url=https://uab.edu/cas/thecenter/images/Documents/High-Performance-Content-Based-Phishing-Attack-Detection.pdf |title=High-Performance Content-Based Phishing Attack Detection |author1=Brad Wardman |author2=Tommy Stallings |author3=Gary Warner |author4=Anthony Skjellum |date=5 August 2011 |website=uab.edu |access-date=19 March 2018}}</ref>

There are several unofficial databases for ClamAV:

* Sanesecurity is an organization that maintains a number of such databases; in addition, they distribute and classify a number of similar databases from other parties, such as Porcupine, Julian Field, MalwarePatrol.<ref name="sanesecurity">Sanesecurity [http://www.sanesecurity.com/clamav/databases.htm Phishing, Scam and Malware signatures for ClamAV] {{Webarchive|url=https://web.archive.org/web/20150910185428/http://www.sanesecurity.com/clamav/databases.htm |date=2015-09-10 }}</ref> 
* SecuriteInfo.com also provides additional signatures for ClamAV.<ref name="securiteinfo">SecuriteInfo.com [https://www.securiteinfo.com/services/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml Add 4.000.000 signatures to ClamAV Antivirus]</ref>

ClamAV Unofficial Signatures are mainly used by system administrators to filter email messages.<ref>{{cite web |url=http://sourceforge.net/projects/unofficial-sigs/ |title=ClamAV Unofficial Signatures Updater |author=<!--Staff writer(s); no by-line.--> |date=24 May 2009 |website=sourceforge.net |access-date=2 September 2014}}</ref>  Detections of these groups should be scored, rather than causing an outright block of the "infected" message.<ref name="sanesecurity"/>

== Platforms ==

=== Linux, BSD ===
ClamAV is available for [[Linux]] and [[Berkeley Software Distribution|BSD]]-based operating systems.<ref name=ClamAbout/> In most cases it is available through the distribution's repositories for installation.

On Linux servers ClamAV can be run in daemon mode, servicing requests to scan files sent from other processes. These can include mail exchange programs, files on [[Samba (software)|Samba]] shares, or packets of data passing through a proxy server.

On Linux and BSD desktops ClamAV provides on-demand scanning of individual files, directories or the whole PC.<ref name=ClamAbout/>

=== macOS ===
[[macOS Server]] has included ClamAV since version 10.4. It is used within the operating system's email service. A paid-for graphical user interface is available from Canimaan Software Ltd<ref name=":0">{{Cite news|url=https://www.clamxav.com/about-us/|title=About us|work=ClamXAV|access-date=2017-07-15|language=en}}</ref> in the form of ''ClamXav''.<ref name="ClamXAV">{{cite web |url=http://www.clamxav.com/ |title=ClamXAV.com |access-date=2009-01-24 |last=ClamXav.com |year=n.d.}}</ref> Additionally, [[Fink (software)|Fink]], [[Homebrew (package management software)|Homebrew]] and [[MacPorts]] have ported ClamAV.

Another program which uses the ClamAV engine on macOS, is Counteragent. Working alongside the [[Eudora Internet Mail Server]] program, Counteragent scans emails for viruses using ClamAV and also optionally provides spam filtering through [[SpamAssassin]].

=== OpenVMS ===
ClamAV for [[OpenVMS]] is available for [[DEC Alpha]] and [[Itanium]] platforms. The build process is simple and provides basic functionality, including library, the <code>clamscan</code> utility, the <code>clamd</code> [[Daemon (computing)|daemon]], and <code>freshclam</code> for update.<ref name="OpenVMS">{{cite web |url=http://clamav.dyndns.org/clamav/ |title=Clam AntiVirus OpenVMS Project News |access-date=2008-12-25 |last=Chupahin |first=Alexey |date=December 2008 |archive-url=https://web.archive.org/web/20111006011551/http://clamav.dyndns.org/clamav/ |archive-date=2011-10-06 |url-status=dead }}</ref>

=== Windows ===
There are [[IA-32]] and [[x64]] variants of ClamAV available for Windows; additionally, [[Cisco Systems|Cisco]]'s [[Immunet]] uses ClamAV as its engine.<ref>{{Cite web|title=Alternate Versions of ClamAV|url=https://www.clamav.net/downloads#otherversions|url-status=live|archive-url=https://web.archive.org/web/20211122150607/https://www.clamav.net/downloads#otherversions|archive-date=22 November 2021|access-date=26 November 2021|website=clamav.net|publisher=[[Cisco Systems]]|quote=Immunet, powered by ClamAV, is a [...] Windows desktop anti-virus (AV) solution}}</ref>

=== OS/2 ===
A port of ClamAV is available for [[OS/2]] (including [[eComStation]] and [[ArcaOS]]) with a native UI written in [[REXX]].<ref name="os2-ui">{{cite web |url=http://remydodin.levillage.org/en/realisations.php?item=5900&id=realisations|title=My graphical user interface for "ClamAV"|access-date=2020-09-03}}</ref><ref>{{cite web|url=https://ecsoft2.org/clamav-clamav-gui-rexx-qt4-ecsclamav|access-date=2020-09-03|title=Clamav, ClamAV-GUI (Rexx & QT4) & eCSClamav}}</ref>

== Graphical interfaces ==
Since ClamAV does not include a [[graphical user interface]] (GUI) but instead is run from the command line, a number of third-party developers have written GUIs for the application for various platforms and uses.

These include:
[[File:ClamTk 5.27.png|thumb|[[ClamTk]] 5.27 running on [[Lubuntu 19.04]]]]
* [[Linux]]
** [[ClamTk]] using gtk2-perl; project is named for the [[Tk (framework)|Tk]] libraries that were used when it began<ref name="ClamTk">{{cite web |url=http://clamtk.sourceforge.net/ |title=ClamTk Virus Scanner |access-date=2008-12-25 |last=Mauroni |first=Dave |date=December 2008}}</ref><ref>{{cite web |url=https://manjeet.info/how-to-scan-files-for-viruses-in-node-js-using-clamav/ |title=use clamav with nodejs |date=4 April 2023 |publisher=manjeet.info |access-date=2024-07-01}}</ref><ref name="ClamTkreadme">{{cite web |url=http://clamtk.sourceforge.net/README |title=ClamTk README |access-date=2008-12-26 |last=Mauroni |first=Dave |date=October 2008 |archive-date=2011-09-14 |archive-url=https://web.archive.org/web/20110914050853/http://clamtk.sourceforge.net/README |url-status=dead }}</ref>
** KlamAV for [[Trinity Desktop Environment|TDE]] (development of the original [[KDE]] version was discontinued in 2009<ref name="KDE">{{cite web |url=http://sourceforge.net/projects/klamav/ |title=KlamAV – Main Page |access-date=2013-03-04 |last=KlamAV F. |date=May 2006}}</ref>)
** wbmclamav is a [[webmin module]] to manage Clam AntiVirus<ref name="web min">{{Cite web|url=https://wbmclamav.esaracco.fr/|title=wbmclamav – The Webmin ClamAV Antivirus manager|first=Emmanuel|last=Saracco|website=wbmclamav.esaracco.fr}}</ref>
* [[macOS]]
** ClamXav is a port which includes a graphical user interfaces and has a "sentry" service which can watch for changes or new files in many cases. There is also an update and scanning scheduler through a [[cron]] job facilitated by the graphical interface. ClamXav can detect malware specific to macOS, Unix, or Windows.  The ClamXav application and the ClamAV engine are updated regularly.<ref name="ClamXav">{{cite web |url=http://www.clamxav.com/ |title=ClamXav.com |access-date=2008-12-25 |last=ClamXav.com |date=November 2008}}</ref> ClamXav is written and sold by Canimaan Software Ltd.<ref name=":0" />
** Tiger Cache Cleaner is [[shareware]] software which installs and presents a graphic interface for using ClamAV to scan for viruses, and provides other unrelated functions.
* [[Microsoft Windows]]
** [[Immunet]]
** [[ClamWin]]
** [[CS Antivirus]]<ref name="softpedia1"/>
** [[Graugon AntiVirus]]<ref name="softpedia1">{{cite web |url=http://www.softpedia.com/get/Antivirus/CS-Anti-Virus.shtml |title=CS Anti-Virus description |publisher=Softpedia.com |date=2009-03-23 |access-date=2010-11-09}}</ref>
** [[Clam Sentinel]]
* [[OS/2]]
** ClamAV-GUI<ref name="os2-ui" />

=== ClamWin ===
[[File:ClamWin on Windows XP.png|thumb|ClamWin running on [[Windows XP]]]]
{{Main|ClamWin Free Antivirus}}

ClamWin is a graphical user interface front-end ClamWin Pty Ltd. developed for ClamAV on [[Microsoft Windows]]. Features include on-demand (user-started) scanning, automatic updates, scheduled scanning, and integration with [[File Explorer]] and [[Microsoft Outlook]]. ClamWin does not provide [[real-time protection|on-access scanning]]. A [[Firefox add-on]] enables ClamWin to scan downloaded files.<ref>{{cite web |url=https://addons.mozilla.org/en-US/firefox/addon/fireclam/ |title=FireClam: Use ClamAV to scan Firefox downloads for viruses |publisher=Firefox Addons |access-date=2009-11-02}}</ref><ref>{{cite web|url=https://addons.mozilla.org/en-US/firefox/addon/clamwin-antivirus-glue-for-fir/ |archive-url=https://archive.today/20121220214917/https://addons.mozilla.org/en-US/firefox/addon/clamwin-antivirus-glue-for-fir/ |url-status=dead |archive-date=2012-12-20 |title=ClamWin Antivirus Glue for Firefox |publisher=Firefox Addons |access-date=2008-04-15 }}</ref> Several other extensions allow users to process downloaded files with any software and scan the files with ClamWin.<ref>{{cite web |url=http://downloadstatusbar.mozdev.org/downscan/ |title=Download Scan |publisher=Downloadstatusbar.mozdev.org |date=2005-08-19 |access-date=2010-11-09}}</ref><ref>{{Cite web|url=https://addons.mozilla.org/en-US/firefox/addon/download-statusbar/|title=Download Statusbar}}</ref><ref>{{cite web |url=http://extensions.geckozone.org/SafeDownload |title=Safe Download |publisher=Extensions.geckozone.org |access-date=2010-11-09}}</ref><ref name="AboutClamwin">{{cite web |url=http://www.clamwin.com/content/view/71/1/ |title=About ClamWin Free Antivirus |access-date=2009-03-13 |last=ClamWin Pty Ltd |year=2009 |archive-url=https://web.archive.org/web/20100125005824/http://www.clamwin.com/content/view/71/1/ |archive-date=2010-01-25 |url-status=dead }}</ref>

== See also ==
{{Portal|Free and open-source software}}
* [[Comparison of antivirus software]]
* [[Firewall (computing)]]
* [[Comparison of firewalls]]
* [[Comparison of computer viruses]]
* [[List of computer worms]]
* [[List of free and open-source software packages]]
* [[Software patents and free software]]

== References ==
{{reflist|colwidth=30em}}

== Further reading ==
* An interview with ClamAV founder Tomasz Kojm [https://web.archive.org/web/20120206053729/http://www.emailbattles.com/2005/08/31/virus_aabejfhaib_ag/ archived version]

== External links ==
{{Commons category|ClamAV}}
* {{Official website|https://www.clamav.net}}

{{Antivirus software}}

{{DEFAULTSORT:Clam Antivirus}}
[[Category:Antivirus software]]
[[Category:Antivirus software for Linux]]
[[Category:Cloud applications]]
[[Category:Cross-platform free software]]
[[Category:Free antivirus software]]
[[Category:Free software programmed in C]]
[[Category:Free security software]]