Hi there, On Wed, 20 Dec 2017, Dan Rawson wrote:
Even starting the file manager took 20 or 30 seconds with that scan running.
Run the scans when you're in bed.
I did search through the documentation but didn't see much addressing "best practices" in a single machine environment.
There are too many permutations of use cases to make such recommendations. You need to use your loaf. Incidentally that applies to 'performance' as well. For example you haven't asked what percentage of the extant threats you can expect to identify. At a rough guess in percentage terms I'd say in the low tens. You can search the archives for my published reasoning. You also haven't asked what you'd do if you actually found something nasty. My advice to you would be first, unplug the network connection(s); second, make a mug of your favourite beverage and take some time out to think. Do you have automatic security updates set up and working? If not, stop playing with ClamAV and before you do anything else get that sorted out. Maarten Broekman wrote:
My suggestion is, yes. Run ClamAV. But don't rely on just the official databases.
+1 (check those archives again). Alain Zidouemba wrote:
Might be better to exclude "Win.", rather than chose what to include.
That would be fine in a perfect world (i.e. one where Windows didn't exist:). But we live in a world where it's possible to read, on some box which is immune to a particular bit of Windows malware, a malicious email from a miscreant or an infected Windows box, and then forward it to another, vulnerable Windows box, thus acting as an agent for malware. It's neither reasonable nor responsible to ignore Windows signatures, and, if you transport data between networks, most likely you should be scanning uploads as well as downloads. I'm not sure that scanning files on a reasonably well-administered Linux box is going to be productive unless it's used for uploading and/or publishing files from unknown sources. Which I personally think with a few notable exceptions is insane, but people do it. I've run a few dozen Linux boxes for a more than couple of decades, and I can't remember the last time I scanned the filesystem on any of them. It would only have been to see how long it took; I wouldn't have expected to find anything other than false positives. If you find malware on your machine you've already dropped the ball. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml