ClamAV

page type::article thing type::software purpose::antivirus license::open-source

About
ClamAV is free, open-source anti-virus software for Linux, Windows, and many other operating systems.

How To
To disinfect a Windows PC by running ClamAV from an Ubuntu liveCD:
 * Boot the liveCD
 * Install the "clamav" package
 * Mount the infected drive (opening it from "Locations" will do)
 * run df to find out the drive's filesystem path. We'll assume it's /media/disk.
 * Run clamscan in read-only mode to see if there are any detectable infections:
 * clamscan -v -r /media/disk
 * To move infected files into a quarantine area (only partially tested):
 * sudo clamscan -v -r --move=/media/disk/quarantine /media/disk
 * real-world example -- this should quarantine the infections in addition to finding them:
 * sudo clamscan -v -r --move=/media/IBM_PRELOAD/etc/quarantine /media/IBM_PRELOAD
 * If no infections found, you may still be able to find infections with one of the Windows versions; there may be a way to force the Linux version to use the very latest data engine, but I'm not sure. Hopefully this basic scan will be enough to make a hopelessly virus-bound system usable again.

Windows
In Microsoft Windows, ClamAV is available in two varieties:
 * ClamWin (home page)
 * Immunet, formerly "ClamAV for Windows" and "ClamAV&trade; powered by Immunet"

Error Codes

 * Failed to install runtime with error code 1601 - ClamAV for Windows can't be installed in "safe mode", despite the obvious advantage of being able to do this with an anti-virus program.

Official

 * ClamAV
 * ClamWin