knowledge/technology/applications/clamav.md
2023-12-05 15:57:53 +01:00


---
obj: application
os: linux
arch-wiki: https://wiki.archlinux.org/title/ClamAV
website: https://www.clamav.net/
---
# ClamAV
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX. It provides a number of utilities, including a flexible and scalable multi-threaded daemon, a command-line scanner, and an advanced tool for automatic database updates. Because ClamAV's main use is on file/mail servers for [Windows](../windows/Windows.md) desktops, it primarily detects [Windows](../windows/Windows.md) viruses and malware with its built-in signatures.
## Usage
### Updating database
Update the virus definitions with:
```shell
freshclam
```
The database files are saved in:
```
/var/lib/clamav/daily.cvd
/var/lib/clamav/main.cvd
/var/lib/clamav/bytecode.cvd
```
Start/enable `clamav-freshclam.service` so that the virus definitions are kept up to date.
### Starting the daemon
> **Note:**
> - You will need to run `freshclam` before starting the service for the first time or you will run into trouble/errors which will prevent ClamAV from starting correctly.
> - The daemon is not needed if you only want to perform stand-alone scans.

The service is called `clamav-daemon.service`.
### Scanning for viruses
`clamscan` can be used to scan certain files, home directories, or an entire system:
```shell
clamscan myfile
clamscan --recursive --infected /home/archie
clamscan --recursive --infected --exclude-dir='^/sys|^/dev' /
```
To have `clamscan` delete infected files, add the `--remove` option; to quarantine them instead, use `--move=/dir`. Because `--remove` deletes files outright, a false positive cannot be undone, whereas `--move` keeps the file available for review.
You may also want `clamscan` to scan larger files. In this case, append the options `--max-filesize=4000M` and `--max-scansize=4000M` to the command. `4000M` is the largest possible value, and may be lowered as necessary.
The `-l /path/to/file` option writes the `clamscan` report to a text file, which helps in locating reported infections.
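
The following is an added example, not part of the original page: helpers that interpret the `clamscan` exit status (0, 1 or 2, as documented in `clamscan(1)`) and extract detections from a log written with `-l`. The function names are hypothetical and the sample log is constructed for illustration.

```shell
#!/bin/sh
# Added example: triage helpers for a clamscan run logged with -l.

# Map clamscan's exit status (see clamscan(1)) to a verdict.
scan_verdict() {
    case "$1" in
        0) echo "clean" ;;      # no virus found
        1) echo "infected" ;;   # virus(es) found
        *) echo "error" ;;      # 2 = some error(s) occurred
    esac
}

# Print "SIGNATURE PATH" for every detection line in a clamscan log.
# The greedy first group splits on the last ": ", so a path that
# itself contains ": " is kept intact.
list_infections() {
    sed -n 's/^\(.*\): \([^ ]*\) FOUND$/\2 \1/p' "$1"
}

# Scan a tree, log to a file, and summarise (hypothetical wrapper).
scan_tree() {
    target=$1
    log=$2
    rc=0
    clamscan --recursive --infected -l "$log" "$target" >/dev/null || rc=$?
    verdict=$(scan_verdict "$rc")
    echo "$target: $verdict (exit $rc)"
    if [ "$verdict" = infected ]; then list_infections "$log"; fi
    return "$rc"
}

# Constructed sample of a clamscan log, so the parser runs without ClamAV.
write_sample_log() {
    cat > "$1" <<'EOF'
-------------------------------------------------------------------------------
/home/archie/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/archie/mail/note: draft.zip: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Scanned files: 412
Infected files: 2
EOF
}

# Demo on the constructed log.
demo_log=$(mktemp)
write_sample_log "$demo_log"
list_infections "$demo_log"
rm -f "$demo_log"
```

On a real system, `scan_tree /home/archie /tmp/scan.log` runs the scan and returns the `clamscan` exit status, so it can gate a cron job or CI step.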