ClamAV® — Is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.
ClamAV can be installed by issuing the following command in the terminal:
# apt-get install clamav clamav-daemon
Note: It is recommended to restart your machine after the installation, so that the virus signature database updates and informs ClamAV about the update.
How to change freshclam configuration
ClamAV needs to have up to date virus signatures to work effectively. To configure your ClamAV install change the line '?DatabaseMirror db.local.clamav.net' - the 'local' needs to be changed to your country code.
Scanning for viruses
ClamAV is able to scan separate files or if necessary entire directories. An example of a command is demonstrated bellow.
To scan a file:
$ clamscan file
To scan a directory (In this instance your home directory):
$ clamscan --recursive=yes --infected /home
Note: If you would like ClamAV to remove the infected files add the --remove option.
By default ClamAV will not scan files larger than 20Mb. In order to override that setting the options --max-filesize=2000M --max-scansize=2000M must be appended to the command. Where the size 2000M may be replaced as necessary by the user. An example is provided bellow.
$ clamscan --max-filesize=2000M --max-scansize=2000M --recursive=yes --infected /home
Note: Making ClamAV fully scan each and every file in your home folder may take up a lot of time (2+ hours) depending on the amount of files in your homer folder.