Do you need an antivirus program in Ubuntu? Some may say that you don’t, but viruses and malware exist in Linux systems. Even if the viruses do not infect the machine, there may be infected files on the file system that may be shared. And if that happens, you’re spreading infected files unwittingly.
What are your options? You can install ClamAV on Ubuntu. ClamAV is primarily a command line tool for scanning your computer for viruses, which desktop users would not typically like. But there’s a frontend GUI for ClamAV called ClamTK, which makes virus scanning easier and more user-friendly.
Install ClamAV on Ubuntu
In this post, we’ll install ClamAV on Ubuntu 20.04, but the procedure should work with other versions.
- First, log in to Ubuntu and open a terminal session.
- Run this command to update the package index:
sudo apt update
- After updating, run the following command to install ClamAV on Ubuntu and its daemon:
sudo apt-get install -y clamav clamav-daemon
- Lastly, confirm the ClamAV version you installed:
The clamscan command is ClamAV’s command line tool for virus scanning. As you can see below, the newest version as of this writing is 0.103.6. The 26669 value is the virus definitions database version.
Update the Virus Definition Database
The clamav-freshclam daemon default downloads and applies the daily virus definitions database to your computer. This task is essential to keeping your ClamAV prepared to handle new viruses and their variants.
But if you need to update the virus definitions out of schedule, here’s how you can do it.
- First, stop the clamav-freshclam daemon so it won’t interfere with the manual update:
sudo systemctl stop clamav-freshclam
- Run the following command to download the updated database:
- Once the update is complete, restart the clamav-freshclam daemon:
sudo systemctl start clamav-freshclam
Scan for Viruses in the Terminal
The action begins now that you’ve installed ClamAV and updated the virus database.
To scan your whole home directory, you can run the below command.
sudo clamscan --infected --remove --recursive ~/
The above commands use these options during the virus scan.
- –infected — this option suppresses the printing of non-infected files on the terminal.
- –recursive — performs recursive scanning of the specified directory.
- –remove — this option indicates that ClamAV automatically removes the files it found to be infected. Be careful when using this option because false positives may be affected.
In the example below, ClamAV found and deleted two infected files and showed the scan summary after.
What if you just want to scan one file? Run the same command without recursion; the target must be the exact file path.
sudo clamscan --infected --remove ~/Downloads/eicarcom2.zip
So far, so good. But wouldn’t it be better if there’s a GUI option? Not everyone is comfortable using the command line. The good news is, there’s ClamTK.
ClamTK is the frontend GUI that allows you to perform scans on demand, schedule scans, and run updates on your ClamAV Ubuntu setup.
To install ClamTK, run this command:
sudo apt install -y clamtk
Once installed, launch ClamTK like so:
Scanning with ClamTK
Now that you have ClamTK, you can start using it to perform virus scans on folders and files.
Say you want to scan a directory and everything in it. To do so, click Scan a directory.
Select the directory to scan and click OK.
Once the scan completes and if there are infected files found, you can choose to quarantine or delete those files.
Create a Scan Schedule
There’s no scheduled scan after you install ClamAV on Ubuntu. So let’s create one.
Click Scheduler, specify the hour and minute of the scan schedule and click the plus sign.
Now the status should say that A daily scan is scheduled. At this point, you can click Close to go back to the main window.
And that’s it! You’ve completed the ClamAV Ubuntu installation and setup. Your system is now protected.
ClamAV is an excellent free solution for protecting your computer against viruses and malware. Its daily updates mean that your antivirus is programmed to detect new threat variants and how to combat them.
In addition, ClamTK makes your ClamAV experience much more user-friendly. You don’t need to memorize and run commands manually. All you need to do is click your way through the GUI to figure out the ClamAV capabilities and configure and execute them.