ClamAV Antivirus Cheatsheet
sudo apt-get install clamav clamav-daemon
If you want a GUI:
sudo apt-get install clamtk
Update Signatures
sudo freshclam
Memory Usage
When running this against one of my small servers, I noticed it would run out of memory because it was only allocated 1GB. You will probably need more memory if you are going to run manual scans. It doesn't look like there is a ways to reduce the memory usage, but you can always use a swap file.
Commands
Full Scan Of Root Filesystem To Log File
sudo clamscan \
--suppress-ok-results \
--recursive \
--remove \
--log=/var/log/clamav-scan.log \
--cross-fs=no \
/
--cross-fs=no
means that it won't scan other filesystems.--remove
means that infections will get automatically removed.
You may wish to use one of following instead of --remove
.
--move=DIRECTORY
- move infected files into DIRECTORY--copy=DIRECTORY
- copy infected files into DIRECTORY
Local Recursive Scan
Recursively scan the current directory, but don't bother printing out all the OKs.
clamscan \
--suppress-ok-results \
--recursive \
.
Debugging
If you get the following message when running freshclam:
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!
Then run:
sudo systemctl stop clamav-freshclam.service
sudo freshclam
References
- Howtoforge - How to scan for viruses with ClamAV on Ubuntu
- clamav.net documentation
- Ask Ubuntu - clamav - ERROR: /var/log/clamav/freshclam.log is locked by another process?
Last updated: 21st August 2020
First published: 30th July 2020
First published: 30th July 2020