There were rumours here a while ago that GMail was using NOD32 as antivirus for scanning attachements for their free e-mail service. Now apparently (with 99% certainty) they're using ClamAV. And I'll tell you why... I've downloaded winrar 3.62 from official website (http://www.rarlab.com/rar/wrar362.exe) and wanted to attach it to my gmail account to send it. I was astonished to see a red label after that with the message: "Attachement can't be sent. It contains a virus". I've scanned the file on virustotal.com and the only AV to detect it is ClamAV: Trojan.Agent-14588 The conclusion seems simple.