English • 中文
ClamAV is a command line virus scanner. It can only detect viruses; it cannot remove them from files. It detects viruses on all platforms, but due to the popularity of the platform, it primarily detects Windows viruses and malware. Others antivirus running on Ubuntu can be found here.
ClamAV is in the Universe repository. (If you do not have Universe enabled, see AddingRepositoriesHowto). ClamAV has two modes of operation; a program that loads into memory only when you want to scan a file, or for more regular use (such as scanning all incoming e-mail), a program that connects to a daemon that is always running. Database updates can also be downloaded automatically .
- For manual use: install the package
- For automated use: install the package
Both methods will also install
clamav-freshclam, the updater. After installing, you may be asked some questions about how to get virus signature updates. Select the download site closest to you. ClamAV updates are a very small download and it is well worth scheduling them to happen automatically.
How can I...
freshclam. You will see an output like this:
[email protected]:/etc/clamav # freshclam ClamAV update process started at Wed Apr 27 00:06:47 2005 main.cvd is up to date (version: 31, sigs: 33079, f-level: 4, builder: tkojm) daily.cvd is up to date (version: 855, sigs: 714, f-level: 4, builder: ccordes)
If you are using a http proxy to connect to the internet you will have to edit the file /etc/clamav/freshclam.conf adding:
HTTPProxyServer serveraddress HTTPProxyPort portnumber
如何使用 clamav 扫描病毒？
- To check files in the all users home directories:
clamscan -r /home
- To check all files on the computer, displaying the name of each file:
clamscan -r /
- To check all files on the computer, but only display infected files and ring a bell when found:
clamscan -r --bell -i /
When ClamAV has scanned all the files you asked it to, it will report a summary:
----------- SCAN SUMMARY ----------- Known viruses: 33840 Scanned directories: 145 Scanned files: 226 Infected files: 1 Data scanned: 54.22 MB I/O buffer size: 131072 bytes Time: 20.831 sec (0 m 20 s)
clamav-daemon. You can then use
clamdscan where you would previously have used
clamscan. Lots of programs, especially e-mail servers, can connect to a ClamAV daemon. This speeds up virus scanning as the program is always in memory. The
clamav-daemon package creates a 'clamav' user; in order to allow ClamAV to scan system files, such as your mail spool, you can add clamav to the group that owns the files.
如何查看 clamav-daemon 是否正在运行？
Look for it in the processt list, or use this handy shortcut:
ps ax | grep [c]lamd
You can add --remove to the clamscan or clamdscan commandline.
Note: No virus scanner is 100% accurate. It is always best to manually check the files you delete, if you are not totally sure that this is what you want to do.
如何查看 ClamAV 的版本？
[email protected]:/etc/clamav # clamdscan -V ClamAV 0.83/855/Tue Apr 26 06:40:32 2005
Learn about other options?
如何为 ClamAV 设置自动运行的计划任务？
You can use the
at command to schedule clamscan or freshclam. For example:
at 3:30 tomorrow at>clamscan -i /home/user > mail [email protected] at> <CTRL-D> job 3 at 2005-04-28 03:30
You have now scheduled a ClamAV scan to happen on your home directory at 3:30 AM tomorrow. The output (showing only infected files) will be sent to you by e-mail.