Posts Tagged ‘Viruses’

How to install Clam Anti-Virus, update it, and use it in Ubuntu

September 25, 2009

Clam Anti-Virus is an open-sourced,  GPL-licensed, and a cross-platform application. ClamAV is capable of scanning files, directories, and archives for infected files. Filtering, coping, moving, and removing viruses are all options. For a virus-free PC.

Installing ClamAV

To install Clam Anti-virus, open the terminal and type:

sudo apt-get install clamav

Updating ClamAV database

When Clam is installed, its database may not be up-to-date so to update it enter the following:

sudo freshclam

Now the database will be updated. If you do not want check whether your database is up-to-date each time you want to search for viruses, the following command will check for database updates twice a day (you can increase the times by changing the number “2”, and notice that your limit is 50).

sudo freshclam -d -c 2

Once the enter key has been pressed it’ll ask for your password. This command will run as a daemon (runs in background), and will stop when the computer shuts down. To make is starts automatically when ubuntu starts, follow the following steps:

  1. Goto “System” –> “Preferences” –> “Startup Applications” (“Sessions” in ubuntu 8.10 & older).
  2. Press the “Add” button.
  3. In the name field type “ClamAV database update”, and in the command feild type “gksu freshclam -d -c 2“.
  4. Click the “Add” Button.

Because we used “gksu", each time you log into your gnome session a window will pop up asking for password (freshclam needs administrative privileges)

Of course, by using this method, the daemon will only start when you log into your gnome desktop. if you want it to start when your system boots up, add it with the rest of the system’s daemons; hal fam, gdb, …

Usng Clam AV

For scanning files, the command “clamscan” will be used.

  • To scan files under a specific file type this:

    • clamscan ~/MyFileToScan.extension (the viruses usually have the following extensions: .exe, .dll, .com, cmd, and .scr)

  • To scan files under a specific directory type this:

    • clamscan -r ~/MyDirectoryToScan (-r is used to search recursively)

  • To scan and delete the found viruses type:

    • clamscan -r --remove ~/MyDirectoryToScan

  • To scan and copy the found viruses type:

    • clamscan -r --copy ~/CopiedToHere ~/MyDirectoryToScan

  • To scan and Move the found viruses type:

    • clamscan -r --move ~/MovedToHere ~/MyDirectoryToScan

Other useful options:

  • To have ClamAV prints only the infected files instead of all of them, add the option -i
  • To make the console beeps whenever a virus is detected, ass the option --bell

The command I use for searching viruses:

sudo clamscan -r -i --bell --move ~/MyVirusArchive ~/DirectoryToScan

I use sudo so that ClamAV gets the capability of moving all the files, even the ones that I don’t have the permission to move as a normal user

Important Notes

  • This was tested on ubuntu 9.04 .
  • For more information and details see manpages: clamscan(1) and freshclam(1).
  • ClamAV also has a GUI, to install it type “sudo apt-get install clamtk” and then type “clamtk” to run the application.

This document was updated on 5 Nov. 2009

Anxious Nut

Tags:, , , ,
Posted in CLI, Software | 6 Comments »