Locating Infected Files in Logs
I ran a scan (clamscan -r --remove /home/) on my user's home directory yesterday & since I have so many users on my mail server, it takes a very long time to complete. I came back in this morning and realized that there were two infected files found during last nights scan:
Code:
----------- SCAN SUMMARY ----------- Can anyone please help me understand how I can locate the directory / files that were infected? Thanks! |
Hi,
clamscan does not use any logs, so you can't find what the infected files were. Next time you run clamscan in such an amount of files, you can add the "-l scan-results.txt" option, so you'll get the scan summary along with the infected files, if any. Regards |
Quote:
|
If you want to have virus scan logs, you should run clamd and use clamdscan for virus scanning. You can configure clamd to use its own logfile, or use syslog to write in system logs. Take a look at clamd.conf for details.
In my opinion running clamd as a daemon is only useful in case you run a mailserver and want to scan mail for viruses, because it's faster. For occasional use it's better to use clamscan. Regards |
I am running a mail server but never knew I could scan manually with 'clamdscan' versus 'clamscan'.
So you're saying I should continue to manually scan my mail server with 'clamscan' and let it automatically scan incoming mail itself using 'clamdscan', right? |
Quote:
Regarding mail, you have to configure your mailserver to use clamdscan to pass mail through clamd in order to check for viruses. Regards |
All times are GMT -5. The time now is 10:02 PM. |