ClamAV

Jump to: navigation, search
  • New ClamAV Logo.png ClamAV®
    clamav
  • ClamAV® is an open source antivirus engine.
  • Developer:
    Cisco Systems
  • License:
    GPLv2+

ClamAV® is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

Features

The Application is suited for all desktop environments at its usage is done completely through a terminal.

  • Command-line scanner
  • Milter interface for sendmail
  • Advanced database updater with support for scripted updates and digital signatures
  • Virus database updated multiple times per day
  • Built-in support for all standard mail file formats
  • Built-in support for various archive formats, including Zip, RAR, Dmg, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others
  • Built-in support for ELF executables and Portable Executable files packed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others
  • Built-in support for popular document formats including MS Office and MacOffice files, HTML, Flash, RTF and PDF

Installation

In order to install ClamAV® you may open up the YaST package manager, and search for the package name of clamav. Afterwards, select it for installation and press accept.

Alternatively, you may install it through the command line using zypper by issuing this command:

sudo zypper install clamav

Configuration

After installing ClamAV® it is is necessary to go into the Services manager panel in the YaST control center, and enable the two services which are called clamd and freshclam.timer. Afterwards, restarting your computer will allow the services to start up during boot, and your ClamAV® virus signature database will be always updated automatically from now on.

First, start and enable freshclam service. It will download ClamAV® Virus Database. This is necessary for ClamAV® scanner to work.

sudo systemctl start freshclam
sudo systemctl enable freshclam.timer

Wait for around ten minutes, so it can finish downloading.

Then, optionally, start and enable clamd for live scanning.

sudo systemctl start clamd
sudo systemctl enable clamd

Usage

Scanning for viruses is done through the terminal. In order to do a full scan of your home folder you should issue the following command:

clamscan --max-filesize=4000M --max-scansize=4000M --recursive=yes --infected /home

Alternatively, if you wish to scan your root folder the following command must be used:

sudo clamscan --max-filesize=4000M --max-scansize=4000M --recursive=yes --infected /

Note: By default ClamAV® will not remove any viruses found by it. In order for ClamAV® to automatically remove found viruses you must append the --remove option to the above commands. For example:

clamscan --max-filesize=4000M --max-scansize=4000M --recursive=yes --infected --remove /home

External links