Clam Antivirus (ClamAV) - Installation and usage
In Debian Jessie 8.3 and 10 I wanted to scan a Windows partition before booting it, to reduce the risks of getting an infected system. It turned out there was at least one antivirus program supplied in the repositories - Clam Antivirus. It installs like this: sudo bash apt install clamav If you want a graphical interface: apt install clamtk If you want a daemon (clamd) to monitor the system: apt install clamav-daemon
Signatures must be updated, and it does it by itself silently directly after install using the freshclam command which also can be run on it's own. To follow the update process: tail /var/log/clamav/freshclam.log However, on Debian 10 it fails to download, because of a too large signature file and too restricted timeout settings. In /etc/clamav/freshclam.conf set the following parameters to higher than 30 seconds, like the following: ConnectTimeout 30000 ReceiveTimeout 30000 When the update is done you can scan files.
Scanning files and directories
There are some parameters that are important. You need to specify recursive mode and you need to supply a log file. If not it will only walk the current directory and only tell you a summary at the end of the file list. So: clamscan -i -l /path/to/desired/logfile.txt -r /what/to/scan/for/viruses/ Explanation of parameters: --infected -i Only print infected files --log=FILE -l FILE Save scan report to FILE --recursive[=yes/no(*)] -r Scan subdirectories recursively
This is a personal note. Last updated: 2021-01-07 16:14:54.