ClamAV reporting that it failed to find any virus.
|Written in||C, C++|
|License||GNU GPL v2|
ClamAV is a free GPL-licensed anti-virus solution for GNU/Linux, *BSD, Windows and macOS. It has a command-line utility that lets you scan for viruses, a on-access scanner daemon called
clamonacc and a virus-database update daemon called
ClamAV comes with a handy tool for updating virus signatures called
freshclam. It can be ran manually or regularly using either a cron job or a systemd service. Distributions using systemd ship ClamAV with a
clamav-freshclam.service which can be used to run
The actual virus signature databases are stored in
Finding The Virus
clamscan program is used to locate the virus. It can take a single file or a folder, or multiple files and/or folders, as arguments. The
-r option is needed to recursively scan directories. You will also likely want
clamscan will, by default, print list of every file scanned with a
Infected next to it and not print the names of infected files in the report it generates. You will only get something like this if a virus is found:
----------- SCAN SUMMARY ----------- Known viruses: 8519188 Engine version: 0.103.2 Scanned directories: 1 Scanned files: 359 Infected files: 2
You will be able to see what files are infected with the virus if you run
clamscan -i so it only prints the files that have the virus when it scans.
Most of the virus signatures in its database are for Windows viruses. Some are for the now very old MS-DOS viruses. There are only a few signatures for Linux-native viruses in the ClamAV database.
It should be noted that ClamAV relies entirely on signature files for known viruses, it will not find or detect a brand new, to it unknown, virus.
ClamAV should be a basic building block in any production mail setup; it is designed to work well with all the commonly used mail filters.
clamonacc, ClamAV On Access, is a Linux-only system daemon that can be used to scan files in real-time as they are accessed. It can be enabled on distributions using systemd using the
clamonacc.service service file.