How to Use ClamAV to scan viruses?
ClamAV Introduction
Many viruses are not generated for Linux distributions. Because of this, most people who use such systems have never thought of using anti-virus software. However, some people do want to scan their systems or other Windows-based systems that connect to a Linux PC over a network, so they can use ClamAV. ClamAV is an open-source Anti-Virus engine designed to detect many viruses, Trojans, malware, and other threats. It supports multiple file formats (documents, executable files, or compressed files), and uses the multi-threaded scanner function to receive at least three to four feature database updates every day.
The first step is to install and obtain the latest feature update. To implement this step on Ubuntu, open the terminal, enter "sudo apt-get install clamav", and press Enter.
Sudo apt-get install clamav
You can also build ClamAV through source files to achieve better scanning performance. To update features, enter "sudo freshclam" in the terminal session and press Enter.
Sudo freshclam
Now we are ready to scan the system. Therefore, you can use the "clamscan" command. This rich command can process many different parameters, so you 'd better first enter "clamscan -- help" on the terminal to see the functions that you can implement with it.
Therefore, I will demonstrate scanning the "Downloads" folder in the main directory. I will select to output only infected files. If an infected file is found, the ringtone will ring. You can use the following command on the terminal: "clamscan-r-bell-I/home/bill/Downloads.
Clamscan-r-bell-I/home/bill/Downloads
To scan the entire system (which may take some time) and clear all infected files found during this process, run the following command: "clamscan-r-remove /". Sometimes, clearing infected files only causes more problems or faults. I suggest you always check the output first and then take the manual steps. In addition, you can use the "move" command as a parameter, such as "-- move =/home/bill/my_virus_collection" (example directory ).
ClamTK
If all this console content is too complex for you, you can also install an additional package named "clamtk", which is basically a gtk-2 GUI for ClamAV.
Sudo apt-get install clamtk
From the top panel Options menu of ClamTK, you can select any directory or file you want to scan, specify the directory to be added to the whitelist, and manage the files that have been isolated. You can also decide whether to perform a quick scan or recursive scan, or even check devices such as USB storage stick.
The scheduling program of ClamTK also allows you to easily schedule scheduled scans and schedule scheduled updates to the anti-virus feature database (you 'd better set the latter before setting the former ). In addition, if you find that a file is mistakenly labeled as a security threat, you can directly submit it to the ClamAV team on the ClamTK interface for further analysis.
Although I did not perform a speed comparison test between a console scan and a GUI scan, I did not notice any significant difference in time. ClamTK definitely simplifies the process, so I suggest you install it with ClamAV.