knowledge/technology/applications/clamav.md
2024-03-19 09:25:42 +01:00

obj: application
arch-wiki: https://wiki.archlinux.org/title/ClamAV
website: https://www.clamav.net
rev: 2024-01-17

ClamAV

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX. It provides a number of utilities, including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates. Because ClamAV's main use is on file/mail servers for Windows desktops, it primarily detects Windows viruses and malware with its built-in signatures.

Usage

Updating database

Update the virus definitions with:

freshclam

The database files are saved in:

/var/lib/clamav/daily.cvd
/var/lib/clamav/main.cvd
/var/lib/clamav/bytecode.cvd

Start/enable clamav-freshclam.service so that the virus definitions are kept recent.

Starting the daemon

Note:

  • You will need to run freshclam before starting the service for the first time or you will run into trouble/errors which will prevent ClamAV from starting correctly.
  • The daemon is not needed if you only want to perform stand-alone scans.

The service is called clamav-daemon.service.

Scanning for viruses

clamscan can be used to scan certain files, home directories, or an entire system:

clamscan myfile
clamscan --recursive --infected /home/archie
clamscan --recursive --infected --exclude-dir='^/sys|^/dev' /

To have clamscan delete infected files, add the --remove option to the command; to quarantine them instead, use --move=/dir.

You may also want clamscan to scan larger files. In this case, append the options --max-filesize=4000M and --max-scansize=4000M to the command. '4000M' is the largest possible value, and may be lowered as necessary.

Using the -l /path/to/file option will print the clamscan logs to a text file for locating reported infections.
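
The scanning options above combined into one wrapper, as an added example that is not from the Arch wiki or the ClamAV project: it quarantines hits with --move, writes the report with -l, and lists the reported files from that log. The function names, the sample log lines and the paths in them are constructed for illustration; the exit statuses (0 clean, 1 virus found, 2 error) are clamscan's own.

```shell
# Added example; function names and sample paths are assumptions.

# Constructed clamscan log excerpt (not real scan output), for trying list_infected.
sample_log() {
cat <<'EOF'
/home/archie/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/archie/Downloads/eicar.com: moved to '/var/quarantine/eicar.com'
/home/archie/mail/invoice: final.zip: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

# Print the path of each file a clamscan log reports as infected.
# Report lines look like "<path>: <signature> FOUND"; the signature has no spaces,
# so a path that itself contains ": " is still recovered whole.
list_infected() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p' "$1"
}

# Translate clamscan's exit status: 0 = no virus, 1 = virus found, else error.
scan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Recursively scan $1, move hits into $2 and log to $3.
# Assumes the quarantine directory lies outside the scanned tree.
scan_and_quarantine() {
    target=$1 quarantine=$2 log=$3
    mkdir -p "$quarantine" && chmod 700 "$quarantine" || return 2
    : > "$log" || return 2          # start from an empty log for this run
    clamscan --recursive --infected --move="$quarantine" -l "$log" "$target"
    rc=$?
    echo "scan result: $(scan_status "$rc")"
    [ "$rc" -eq 1 ] && list_infected "$log"
    return "$rc"
}

# Usage (paths are placeholders):
#   scan_and_quarantine /home/archie /var/quarantine /var/log/clamscan-home.log
```

Quarantining with --move rather than deleting with --remove keeps a false positive recoverable, and the non-zero exit status lets a cron job or systemd unit alert on a hit.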