These days having some form of anti-virus is a must, common sense works most of the time but it's good to have a backup just in case, ClamAV is a very minimal anti-virus that performs exceptionally well, it's also free and open source.
Get the latest stable version here, as of this time 'clamav-0.99.2-x64.msi', once installed you will need to configure it.
Open the location you installed it to, by default for me 'C:\Program Files\ClamAV-x64', once you are in there create a new text file and name it 'freshclam.conf', due to the windows security system you may need to make and edit this on your desktop before moving it in.
A lot of options are available that you can view in the sample configuration files, but for now just add in the basics.
DatabaseDirectory C:\Program Files\ClamAV-x64\database UpdateLogFile C:\freshclam.log LogFileMaxSize 25M DNSDatabaseInfo current.cvd.clamav.net DatabaseMirror db.uk.clamav.net DatabaseMirror database.clamav.net
This is all pretty well self explanatory, you will need to create the database folder or change the path to the database if you installed it somewhere else.
Open a command prompt as administrator, this can be done by finding it in your start menu, right clicking it and clicking 'Run as administrator', change to your ClamAV folder with 'cd C:\Program Files\ClamAV-x64' for example and type freshclam.exe, if all is well it will update the database.
To ensure you get regular updates you can setup a scheduled task, to do this run taskschd.msc (Windows Task Scheduler) and perform the following:
- Click the 'Task Scheduler Library' folder on the left side
- On the Actions bar click 'Create Task'
- Give the task an appropriate name
- Check 'Run with highest privileges' and 'Run whether user is logged on or not'
- On the Triggers tab add a new trigger
- Set the type to 'At log on'
- Check the 'Repeat task every' and enter a desired time interval (I.E 2 hours)
- Set the 'for a duration of' box to Indefinitely
- On the Action tab add a new 'Start a program' action, with the path to freshclam.exe
- On the Conditions tab uncheck 'Stop if the computer switches to battery power'
- Click OK and enter your user password to save the task
- Restart your computer
Running a scan
Scanning is done by running clamscan.exe, again this is a command line program, to scan a single file simply type 'clamscan.exe path-to-file.exe', the exact same can be used for a directory as well, if you wish to scan all subdirectories add the -r flag like so 'clamscan.exe -r folder-to-scan'
There are a lot of options available, you can list them all by typing 'clamscan.exe --help', some of the most useful are given below:
- --detect-pua Scans for possible unwanted applications
- --exclude=regex Excludes files matching the regex expression
- --exclude-dir=regex Excludes directories matching the regex expression
- --include=regex Only scan files matching the regex expression
- --include-dir=regex Only scan directories matching the regex expression
- --log=file.txt Save scan results to a text file
- -o Skip printing OK files
- -i Only print infected files
- --bell Play system alert sound if infected file is found
ClamAV certainly can't be described as user friendly but it's definitely powerful and versatile, while the command line interface can be a bit daunting at first it's something you will learn to love, this article has only touched on the basics of what ClamAV can do so don't forget to check out the official documentation.