[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SOLVED] need help with clamav

> > The posting was fine.  I use clamav in Squeeze, but I have not had
> > the same problems that you cited.  It works fine for me; hence, I
> > did not respond since I had no feedback to give.  
> Thanks for the comment Mark.

You're welcome.  One problem I did have with clamav was when it was run
to scan everything.  It would get stuck in the /sys directory for some
reason.  So, I excluded that directory, and it has worked fine since.
I use the command line to run it, and I run it as root user.

I have a file called "theclam" which I keep in my /usr/local/bin
directory (so that I can simply type "theclam" -- w/out quotes -- to
run it).  The file contains the following:

exec clamscan / --exclude-dir=/sys --detect-pua --detect-broken -i -r
--log=/home/mark/clamscanresult -v --max-filesize=4000m

The above doesn't delete the files that it flags.  Instead, within the
log file, it marks them as "FOUND -- blah blah explanation blah".  I
then do a case-sensitive search for the word "FOUND", and check out the

Rather than the older "volatile" repository, you need the following in
your sources.list to get the most recent updates:

# latest clamav clamav-daemon and avscan for squeeze
deb http://mirrors.kernel.org/debian squeeze-updates main contrib

Also, to scan rar files, you'll need the libclamunrar package (I think
it's libclamunrar6), along with either unrar from non-free, or
unrar-free.  libclamunrar is in the aforementioned squeeze-updates

Others here have argued that it's not necessary to worry about viruses
and stuff when using Linux, but I still like to do it to feel a bit
safer (admittedly, if I were to deactivate the root account and set up
some sort of sudo thingy, as seems more common now, I might be safer --
but oh well).  It seems like the right thing to do good to actively try
not to spread viruses and malware (even if such malware doesn't affect
your own system.)  It's the act of a decent netizen, I feel.


Reply to: