Adam you do NOT have to run fresh clam every day. one you have performed 1 freshclam close the term open YAST>System>System Services Change to expert mode at the top. In the list you will find 'clamd' 'freshclam' and 'freshclam' Start bother services if not running then finish. This will auto update your daily clam database without interference, however again I caution you this provided NO protection. One your question about being notified of any problem just scan from the root directory as the user root and include the '-v' for be verbose option as well as the option to scan all subdirectories. If you are really worried create a subdirectory directory off /home/ something like /home/quarantine and include in you scan options --b and --move=/home/quarantine in this way you will get an audiable bell if anything is found, the --v option will give you a complete summary at the end and any infection will be moved to the directory as above Dont forget to scan from the root and scan all subdirectories option shown in help Scott Adam Jimerson wrote:
On Sunday 12 August 2007 02:17:22 am Registration Account wrote:
Adam, hi there
clamAV is NOT a real time ant-virus application. If you copy an infected file onto you disk then is will be copied across without saying anything.
1. go to your favourite xterm 2. log in as root 3. execute the command "freshclam" 4. when it finishes you need to run scans from time to time, now that you have executed a freshclam the daily database should be updates regularly - check Yast>system run levels - expert mode. after 5.still as root execute "clamscan - h" This will give you the options you need to scan.
If you have more than 30GB of program and data and you scan the lot - let it run overnight - it just might be finished in the morning and the end will contain a -v verbose summary or you can use the "-move=/home/xx/ quarantine" and if anything is found it will be moved the the directory specified, however the directory must exist first.
There is a GUI version of clamAV
You can search Yast software for KlamAV or see the website http://www.klamav.net or http://www.clamav.net for the xterm
Its Beta software and version 0.4.14.1 as it is would have cost me my job in the past despite its beta status and is the absolute worst GUI interface as far as usability/flexibility/performance/adaptability I have ever seen despite its BETA status.
1. You think the xterm scan is slow...just wait. 2. try to load the real-time-agent - I could not. 3. Try and clean an infected file - you cannot. 4. Ignore the little spider top right corner - it contains all the browser script errors - and it uses Konqueror's browsing setting to communicate with the internet so if you have stuffed that up your KlamAV browser wont work 5.The only email it will protect is Kmail. 6.Good luck in loading the auto-scan option 7.If you try to suspend you PC it will not be able to halt the KLamAV application and it will sit in limbo - to get out hit you off button on you PC for 1 second (and I mean 1 second - its quite long)only and your session should restore. 8. It is pretty!
Hope this helps
Scott
Adam Jimerson wrote:
Does clamav log everything it outputs by default or do you have to tell it to do so in the syntax? The resion why I am asking this is clamscan says that I have some infected folders, don't know where, and I would like to check to see if it is not giving me a false positive or not.
The thing is I really don't think my system has a virus, not even in windows, I went and installed Avast Linux Workstation updated its virus database and scanned my system and according to avast the only problems that it found is that it wasn't able to read a couple of files, no viruses or anything. Then to make sure it wasn't under Windows I booted windows updated Avast's virus database then rebooted it into safemode and scanned from there and it came up clean. Then to be sure I used the Microsoft One Care online scanner to see if it could find anything, again every was clean.
BTW I know that clamAV does not do real-time scanning and that I have to run freshclam to update its database, and I did that before I ran it the first time.