clamav is a GPL licensed free software anti-virus solution for GNU/Linux and BSD systems. It has a command-line anti-virus scanner and a daemon which can update the anti-virus database automatically. clamav can and should be a standard part of e-mail and file server setups.
clamav comes with a handy program called
freshclam which updates clamavs virus signature databases automatically. Distributions using systemd ship clamav with a
clamav-freshclam.service which runs
The actual databases are stored in
Finding The Virus
clamscan program can be used to locate the virus. A file or directory can be used as an argument. The
-r option is needed to recursively scan directories.
Most of the virus signatures in the database are for Windows viruses. Some are for very old MS-Dos viruses. There are very few signatures for native Linux viruses in the database.
Testing ClamAV against a large collection of MS-DOS games revealed the presence of two different viruses.
It should be noted that ClamAV relies on signatures, it will not find a brand new unknown virus.
Older (pre October 2019) versions of ClamAV will crash when scanning malicious .zip files