OAV-Logo Main





OAV Virus



Talks & Presentations




Official OpenAntiVirus.org Projects

ScannerDaemon / VirusHammer / PatternFinder

ScannerDaemon, VirusHammer and PatternFinder are a first, very basic implementation of a GPL'ed virus scanner written in Java, which is maintained by Kurt Huwig. For downloading the software please see the SF download page, please read the documentation online. You may use the online-version of VirusHammer. For submitting virus patterns please send a mail to signatures@openantivirus.org.
Please DO NOT use ScannerDaemon/VirusHammer as your sole virus protection at all! It currently lacks many features of modern (commercial) anti-virus products and therefore i.e. is not able to detect polymorphic viruses or macro viruses at all and/or reliable. Please read the current status page!
ScannerDaemon is supported by AMaViS, MIMEDefang and OdeiaVir. The OAV pattern file is used by MessageWall and Clam AntiVirus.

squid-vscan (virus scanning with squid)

squid-vscan allows to scan all traffic going through the popular Squid HTTP-Proxy for known viruses . It is a patch based on the work of Olaf Titz (SquidFilter). Kurt Huwig is currently working on a first proof-of-concept implementation with ScannerDaemon. You can read the documentation online

samba-vscan (on-access virus scanning with Samba)

samba-vscan is a proof-of-concept module for Samba, which uses the VFS (virtual file system) features of Samba 2.2.x/3.0 to provide an on-access Samba anti-virus. Of course, Samba has to be compiled with VFS support. It currently works with ClamAV (clamd/libclamav), FRISK F-Prot Daemon, F-Secure AV, H+BEDV AntiVir, Kaspersky AntiVirus, McAfee/NAI uvscan, mks32, OpenAntiVirus ScannerDaemon, Sophos Sweep, Symantec AntiVirus Engine (via ICAP) or Trend Micro. The latest release is 0.3.6b. If you're using Samba 3.0.25 (or later), please give 0.3.6c Beta5 a try. samba-vscan is maintained by Rainer Link.

samba-vscan is included in recent SUSE Linux / SUSE Linux Enterprise Server versions. Unofficial samba-vscan RPMs for SuSE Linux / SLES / UL1 can be found at SUSE's FTP server for Samba 2.2 / 3.0. SUSE ships samba-vscan since SUSE Linux 8.1 or so, RPMs for Mandrake Linux should be available and an eisfair package as well. samba-vscan is also in the FreeBSD ports collection. Some unofficial debs for Debian woody can be grabbed here, but this debs should be used for Samba packages built by Samba.org only! (thanks to Simo). A FreeBSD 5.3 package (self-built) can be grabbed here. Use at your own risk.

A re-design of samba-vscan has been discussed. The mentioned vscan caching server can be grabbed here - it's currently in alpha state, so it's for testing purposes only. No further development so far.
A first rewrite has been done in the HEAD branch of samba-vscan CVS tree; developement has been discontinued some time ago as Stefan is too busy with Samba related stuff. You can grab CVS snapshot as tgz.


VirusHammer is a standalone virus scanner to be run by end users. It is written in 100% pure Java and can be run on any Java enabled platform (JRE 1.3 or better required). There is a JavaWebStart version of VirusHammer available.


The Mini-FAQ is just a small text file which lists several anti-virus products for Unix/Linux. It's maintained by Rainer Link.

planned Projects

  • Rescue Disk/CD - set of 2 or 3 disks (or CD, of course) with a bootable mini Linux system and a virus scanner which is started automatically. Esp for Windows systems.
  • general on access-scanning (samba/FTP incoming/NFS et al) - Create an LKM, which directs every access to a file first to a running AV-daemon. You may use the EventModule from the OpenXDSM project or changedfiles as example. Or use the dnotify feature of Linux Kernel 2.4 (disadvantage: can't deny access of infected files), or fam/imon. Kurt Huwig recently developed such stuff based on Dazuko for ScannerDaemon. We're currently seeking for a name for this project!
  • (remote) management system - could be based on webmin, or written in Java, whatever :-) This project will be started soon ...

Projects by OpenAntiVirus.org Members

AMaViS - A Mail Virus Scanner

AMaViS is a script that interfaces a mail transport agent (MTA) with virus scanners. AMaViS is maintained by Lars Hecking and co-developed by Rainer Link.

httpf - a WWW security proxy

httpf is a proxy which forwards only allowed, harmless content. It's co-developed by Gregor Goldbach.

Inflex / XaMime / SignatureDB

Inflex and XaMime are eMail content-filtering / virus scanning tools. SignatureDB's purpose is to provide signatures/fingerprints of common, annoying emails/files, not specifically viruses. See Paul L Daniels Homepage for details

Projects by ML subscribers (and others)


Viralator is a perl script that virus scans http downloads on a linux server after passing through the squid proxy server. It's developed by various people around the world and maintained from Sydney by Dunc.


Halflife is an acronym for Heuristic Application Level Filtering for Linux IPTables Firewall Enhancement. This projects is headed by Christopher Crawford.


Qmail-Scanner, (also known as scan4virus) is an addon that enables a Qmail Email server to scan all gatewayed Email for certain characteristics. It's maintained by Jason Haar.


libqsearch is a C library aimed to search for set of patterns in buffers as fast as possible, which could be used for virus scan engines. It's maintained by Philippe Biondi.


mod_vscan is the virus scanning filter module for Apache 2.0.x (I tested only Apache 2.0.39). It scans the objects via generic http requests, proxy requests (with mod_proxy), and so on (I think web dav requests is also, but not tested). If your requests is infected with any viruses, the server responses status code 403 (access forbidden). It's maintained by Kazutoshi Kubota.


mod_clamav is a virus scanninf filter module for Apache 2.0.x using the Clamav virus scanning engine. It's maintained by Andreas Mueller


mod_savi is also an Apache 2.0.x module but for Sophos Sweep.

DansGuardian Anti-Virus Plugin

DansGuardian Anti-Virus Plugin is a GPL addon that takes the Virus Scanning capabilities of The MailScanner and integrates them into the content filtering web proxy DansGuardian. It's maintained by James A. Pattie


FileType is a simple filetype detection system written to provide developers with an easy to use, but effective library. It's maintained by Paul L. Daniels

Avfs: An On-Access Anti-Virus File System

Avfs: An On-Access Anti-Virus File System is a stackable file system for Linux, using (improved) ClamAV for virus scanning. It's a project of the File systems and Storage Lab, Stony Brook University.

If your project is missing, please contact Rainer Link.

to top of page

OAV-Logo Official OAV projects

Projects by OAV members

Projects by ML subscribers

[Powered by Google]   Translate this page to 

© 2000-2007 openantivirus.org
Fri May 25 08:35:24 2018 http://
Codebase: Revision: 0.8.4 (Thu Jan 1 00:00:00 1970 by reniar)