ClamAV Overview
ClamAV is an open-source and free antivirus that scans and removes malware, trojans, and malicious links. It’s popular for providing robust protection for Linux systems, but it also works on Windows and Mac devices.
Unfortunately, ClamAV doesn’t have many features. It’s good for scanning and removing viruses on your device, directories, and mail servers. However, it doesn’t offer extra features like parental controls, a personal firewall, or a VPN that you’d get with fully-featured antiviruses.
ClamAV works mostly via a command line interface where you can run scans and remove infected files from your system. There’s also a GUI app for Windows and Linux devices. It offers real-time protection (on-access scanning) for mail gateways and when you open a file on your Linux system. ClamAV’s virus database is constantly being updated to address newer threats.
In a Rush? Here’s a 1-Minute Summary
- Near-perfect malware detection rates. ClamAV detected and removed all Eicar malware samples from my device, but failed to detect a trojan file on my test machine. Jump down to see the full results.
- Command-line interface and third-party desktop apps. You can scan and remove viruses via your command line interface, but there are also graphical user interface apps for Windows and Linux devices. Find out how to configure the apps.
- Few customer support options. ClamAV doesn’t offer dedicated support channels like live chat and phone support. But you can access the online resources and community-based forums and email support. Take a look at the available support options.
- Free and open source software. ClamAV is free and open source. You can use it on all popular operating systems for free. Jump to learn more.
Security
ClamAV provides excellent malware detection results. It offers real-time scanning for malware on Linux-based devices and email gateway scanning. I was very impressed with the speed of the virus scanner. However, ClamAV lacks features like a quick scanner, web protection, and a firewall feature. These are features you would usually find included with top antiviruses.
Virus Scan — Near-Perfect Detection Scores
ClamAV provides a robust antivirus engine that’s constantly updated. It can detect trojans, viruses, malware, and other malicious threats. To test ClamAV’s effectiveness, I planted malware samples from the European Institute for Computer Anti-Virus Research (EICAR) on my test machine. ClamAV detected and removed all EICAR samples from my system during my tests.
I also downloaded other malware samples including trojans and potentially unwanted applications. Unfortunately, ClamAV failed to detect one of the trojan files hidden in a zip file. This was because ClamAV only uses a signature-based system to detect malware. In contrast, top antiviruses like Norton adopt a behavior-based detection system alongside the signature-based system to catch zero-day malware and even malicious applications.
I was impressed with ClamAV’s multithreaded scanner daemon. You can run a one-time scan using the command line interface for specific folders, drives, or directories.
ClamAV doesn’t have a quick scanner, but I could scan individual folders like my PC download folder in just 24 seconds. I also scanned C:/ drive (similar to a full scan) and ClamAV checked 116,941 files in 4 hours. In comparison, Norton’s full scan took only 23 minutes.
Real-Time Protection — Scans Files When You Open Them
ClamAV only offers real-time scanning for Linux devices. Its On-Access scanning automatically scans files when they’re accessed on a directory. It runs a separate scan application capable of preventing any malicious file that it discovers.
To enable On-Access scanning, you have to configure it on the “clamd.conf” file in the ClamAV folder. You can choose to configure the on-access scanner for prevention mode or notify mode. Prevention mode restricts access to the malicious files whereas notify mode only alerts you if a malicious file is detected, after which you can use the command line interface to take additional actions.
Mail Gateway Protection — Detects Viruses and Spam in Mail Servers
ClamAV provides a simple tool to scan your mail servers for malware and spam messages. It provides a mail filter for different mail transfer agents like Send mail, SMTP servers, and Outlook.
I like that ClamAV easily scans all emails for viruses, spam, and security vulnerabilities. During my tests, ClamAV detected all viruses in file attachments in my inbound and outbound emails. It was also able to detect phishing attacks, trojans, spam, worms, and spyware.
Features
ClamAV isn’t designed to be a full-fledged antivirus program. Its main use case is for detecting malware on systems and mail servers. As open-source software, its contributors leave out many extra features found in a traditional antivirus suite. You won’t find features like a VPN for encrypting your internet traffic, parental control features, personal firewall, device tune-up tools, gamer mode, and password manager.
Top antivirus software like McAfee and TotalAV come bundled with all these features. With an ever-increasing threat across all areas of the internet, you need an antivirus that provides protection against malware, internet security features, and device optimization tools.
ClamAV previously had a Safe Browsing feature that protected users against emails with links to suspicious websites. The feature was based on Google’s Safe Browsing API that was available for free. However, due to changes in the terms of use of the API, ClamAV no longer supports it.
Ease Of Use
ClamAV is compatible with Windows, Mac, and Linux devices, but it doesn’t work on mobile devices (instead, I recommend trying one of these antiviruses if you have an iPhone).
It’s a bit complicated to install and set up the command line interface (CLI). However, ClamAV also offers third-party GUI apps for Windows (ClamWin) and Linux systems (ClamTK).
ClamAV is a lightweight app but it isn’t easy to set up and use. Compared to user-friendly antiviruses like TotalAV, ClamAV is very complicated to set up. If you’re not an advanced user, you may find it difficult to use ClamAV’s CLI.
Command-Line Interface — Lightweight App for Removing Viruses
Beginners would find ClamAV’s CLI difficult to use. But if you have some previous Linux experience then it shouldn’t be a problem. To get started, I had to download the installation file from ClamAV’s website. I downloaded the latest package for my Windows PC and installed it in less than 2 minutes.
You can also install the ClamAV and use the CLI for Mac and Linux devices. However, the commands are different for each operating system. After downloading the Windows app, I opened the Windows PowerShell terminal (you should run it as an administrator) and changed the directory to the folder of ClamAV on my system.
- Change the directory
cd ‘C:Program FilesClamAV’ To configure ClamAV, run:
copy .conf_examplesfreshclam.conf.sample .freshclam.conf
copy .conf_examplesclamd.conf.sample .clamd.confNext, run:
write.exe .freshclam.conf
WordPad will pop up. Delete the line that says “Example” and save the file.- Then, run:
write.exe .clamd.conf
WordPad will pop up again. Delete the line that says “Example” and save the file. - Next, update the antivirus database:
.freshclamd.exe
After the engine is updated, you can run a scan for malware and remove it from any folder (I used my downloads folder in this example) or your whole drive by running the command:
.clamscan -- recursive C:UsersHPDownloads -- infected -- remove
Desktop App — Easy-To-Use Apps for Windows and Linux
ClamAV has a third-party Windows app (ClamWin). It is an easy-to-use free antivirus program, but it isn’t as user-friendly as these Windows-friendly antiviruses. There’s also a GUI app for Linux devices (ClamTK), which is pretty easy to install and use. I downloaded the Windows app first during my tests.
After installing the Windows client in less than 2 minutes, I was able to run scans for my whole system and selected folders. However, I found the app to be pretty basic. The user interface isn’t aesthetically pleasing, and it offers very limited features (only a virus scanner).
The Linux app (ClamTK) is similar to the Windows app, albeit with a more pleasant interface. It offers an easy-to-use, lightweight, on-demand desktop virus scanner for Linux. It is also very easy to install and works with major Linux distros, including Ubuntu, Arch Linux, and Linux Mint. Both ClamWin and ClamTK can be downloaded from SourceForge.
How to Download ClamAV’s GUI (ClamTK) for Ubuntu Linux
- Open your terminal — You can press CTRL + ALT + T to start the terminal.
![Screenshot showing clean Ubuntu terminal]()
- Make sure your packages are up to date — Run the command to download and update the package information for your system.
sudo apt update - Install ClamTK — You can install ClamTK from Ubuntu’s official repositories. Simply run the command in your terminal and enter your password.
sudo apt install clamtk
![Screenshot of ClamTK installation command for Linux]()
- Complete the installation — Enter “Yes” to continue the installation.
Support
Given ClamAV’s open-source nature, there’s no dedicated support team. Unlike top antivirus brands like Bitdefender which offer multiple support options, ClamAV doesn’t have live chat or phone support. You’ll have to make do with the FAQs, documentation articles, discord server, and email list subscriptions.
Email Support — Offers Community-Based Mailing List Subscription for Technical Support
ClamAV users have a mailing list that you can subscribe to get updates. You can also post a general question or seek technical support from other members of the list. I sent a question concerning the Mac app. However, I got an automated response that I had to subscribe to the list to post a question. Unfortunately, I tried repeatedly to subscribe to the list, but it wasn’t approved.
That said, I like that you can also search the mail list archives for previous emails and responses from the community. There are emails with helpful questions and answers on the list. The archives are categorized into month-by-month groups with different questions and responses which made it more like a forum.
Discord Support — Offers Helpful and Fast Support on the Discord App
ClamAV has a Discord server with multiple channels. It includes channels for malware research, ClamAV signature issues, a suggestion box, and a help desk. I asked a question about the macOS app on the help desk channel and got a response 20 minutes later.
The channels are very active and you’ll be able to surf through questions and responses from the community members. I found a lot of helpful answers on the Server, especially in the help desk channel. I find the Discord Server is the fastest way to get support for ClamAV and related projects.
Online Resources & FAQs — Documentation Page Contains Helpful Configuration Guides
ClamAV has a “documentation” page that functions more like a FAQ. However, it can be a bit difficult to parse through. Still, it offered a lot of helpful guides. It had installation and usage guides for all the supported operating systems along with the relevant commands.
There’s also an FAQ section on the “Documentation” page with guides, explanations of technical terms, and troubleshooting guides. However, most of the articles are best suited for advanced users and can be difficult for beginners.
Price
ClamAV is free and open-source software. As a result, there are no premium plans. You can use the software for free across all your devices. The third-party graphical user interface (GUI) apps like ClamWin and ClamTK are also free to use. However, there are a few premium apps built on the ClamAV engine like ClamXAV and Cisco Secure Endpoint. Other antiviruses like Bitdefender offer robust protection for Linux devices at an affordable price with more impressive features and add-ons like email security.
Final Verdict
ClamAV detects and removes viruses, trojans, and malware from your system. While it is popular for providing antivirus for Linux, it is also compatible with other operating systems like macOS and Windows. However, ClamAV is best suited for advanced users. You can use it via the command line in your terminal, but there are graphical user interface apps (GUI) by third parties for Windows and Linux.
I like how ClamAV protects my mail servers from viruses, phishing, and spam, with its mail filter. It also offers real-time protection (on-access scanning) on Linux. However, ClamAV lacks most features found on top antiviruses like VPN, parental controls, firewall, gamer mode, and password manager.
ClamAV’s engine is constantly being updated, making it even more competitive as more samples are added to the signature database. However, ClamAV isn’t there yet. There’s still much work to do by the contributors to the software. You can get fully-feature AV for all your devices, including Linux. Bitdefender provides an easy-to-use antivirus that has better detection abilities and works on Linux as well.
FAQ
Does ClamAV remove viruses?
Yes. ClamAV is effective at detecting and removing viruses, trojans, potentially unwanted applications, and other malware. However, you’ll have to run the right commands in your terminal to remove the virus. Keep in mind that you have to enter the “– infected — remove” prompt when running the “clamscan” command.
ClamAV’s graphical user interface (GUI) app, ClamWin, doesn’t remove viruses by default. But you can enable it to remove or quarantine infected files from Tools > Preferences. You should set it to quarantine files in case it is a false positive.
Is ClamAV any good?
| 🛡️Security | 7 / 10 |
| 💡Features | 2 / 10 |
| 👍Ease Of Use | 4 / 10 |
| 👨🔧Support | 5 / 10 |
| 💰Pricing | 9 / 10 |
| 🏳️Free trial | Yes |
| ⛔Firewall | No |
| 🛡️VPN included | No |
| 📱Number of devices | Unlimited |
| 💰Money-back guarantee | 0 Days |
| 🏷️Pricing Plan | $0/Year |
