ClamAV

ClamAV is an open-source (GPL-2) anti-virus engine. The base package provides a number of utilities, including a daemon (clamd), a command line scanner (clamscan), an on-access file scanner (clamonacc), and a tool for fetching updates (freshclam).

ClamAV is a flexible tool, and can be used in many different ways including:
 * Providing email virus scanning as part of a mail gateway
 * Web scanning
 * Endpoint Security (desktop scanning)

This is often accomplished by an application or service calling ClamAV as part of its workflow, for example Postfix can be configured to connect to a ClamAV daemon listening for connections on the system.

= Installation =

First, Install ClamAV:

Run  to download the latest ClamAV detection database.

Start the ClamAV service and add it to the default runlevel:

Scan your home directory to validate the installation:

= Configuration =

The default Gentoo configuration of clamd is sane for desktop systems; changes can be made to. If the desired functionality is the ability to scan files for viruses no changes need to be made.

On Access File Scanning
On Linux systems ClamAV is able to use the fanotify API to perform on-access file scanning of nominated directories. is the included utility that provides this functionality and it shares its configuration with clamd in

Configure clamd.conf - in this example /home will be recursively watched by clamonacc:

Download an eicar test file to a location within the include path.

Invoke clamonacc with elevated permissions to test the configuration

Attempt to access the eicar test file - clamonacc should prevent this.

Additional clamonacc configuration
If the default default  performance is insufficient, and there are available system resources, the following configuration values can be adjusted (increased from the default) in :


 * MaxQueue
 * MaxThreads
 * OnAccessMaxThreads

ClamAV GUI
can be installed to provide users with a GUI for that can (among other things): configure clamd scan settings, schedule scans of the user's home directory, and launch on-demand scans of individual files or folders.