Although Linux is popular for being mostly virus-free, there might still exist some-especially if you usually download stuff from unreliable sources. Since viruses are not a major issue in Linux, there is not a huge pool of antivirus software available for this operating system. One of the best among these is the ClamAV antivirus which does its job pretty good.
In this article, we will explain how you can install and use the following programs in order to scan your Ubuntu system for viruses:
- ClamAV - A command line utility: It is a free, open source, and cross-platform antivirus toolkit for detecting many types of malicious software and viruses.
- ClamTK - A Graphical utility: ClamTk is a graphical front-end for the Clam Antivirus. It is designed to be an easy-to-use, lightweight, on-demand antivirus scanner for Linux systems.
We have run the command and procedures mentioned in this article on a Ubuntu 18.04 LTS.
Working with ClamAV
If you prefer a command line utility for busting viruses on your Ubuntu, you can use the ClamAV software through your Terminal application.
Install ClamAV
Follow these steps in order to install ClamAV on your Ubuntu.
First, open the Terminal application either through the application launcher search or the Ctrl+Alt+T shortcut.
In order to install the latest available version of software from the Internet repositories, your local repository index needs to be in line with them. Run the following command as sudo in order to update your local repository index:
$ sudo apt-get update
Then, run the following command as sudo in order to install the ClamAV daemon from the APT repositories:
$ sudo apt-get install clamav clamav-daemon
The system might ask you the password for sudo and also provide you with a Y/n option to continue the installation. Enter Y and then hit enter; ClamAV will then be installed on your system. The process may, however, take some time depending on your Internet speed.
You can verify your ClamAV installation and also check the version number by running the following command in your Terminal:
$ clamscan --version
Scan for Viruses
The ClamAV utility provides you with many options on the basis of which you can scan files and folders on your system for viruses. You can get detail about these options by viewing the ClamAV help as follows:
$ clamscan --help
Example:
In this example, I will be scanning the current user’s Pictures folder.
$ sudo clamscan --infected --remove --recursive /home/sana/Pictures
It is usually good to run the command as sudo so that all the confidential folders can also be scanned without permission issues.
The command is supposed to scan and remove all the files and folders recursively inside the /home/user/Pictures folder.
The output shows the Scan Summary in the following format:
You can use the following command in order to scan your entire Ubuntu system:
$ sudo clamscan --infected --remove --recursive /
Remove
If you ever feel like removing the ClamAV utility from your Ubuntu, you can do so through the following command:
$ sudo apt-get remove clamav clamav-daemon
Enter y when the system prompts you with a y/n option. The software will then be removed from your system.
Working With ClamTK
If you prefer using the Ubuntu GUI for busting viruses on your Ubuntu, you can use the ClamTK software that is easily available in the Ubuntu Software Center.
Install ClamTK
Please follow these steps in order to install ClamTK using the Ubuntu Software Manager:
On your Ubuntu desktop Activities toolbar/dock, click the Ubuntu Software icon.
Click the search icon and enter ClamTK in the search bar. The search results will list the relevant entries as follows:
The ClamTK entry listed here at the top is the one maintained by the Ubuntu Bionic Universe repository. Click on this search entry to open the following view:
Click the Install button to begin the installation process. The following authentication dialog will appear for you to provide your authentication details.
Please note that only an authorized user can add/remove and configure software on Ubuntu. Enter your password and click the Authenticate button. After that, the installation process will begin, displaying a progress bar as follows:
ClamTK will then be installed on your system and you will get the following message after a successful installation:
Through the above dialog, you can choose to directly launch ClamTK and even Remove it immediately for whatever reason.
How to Scan for Viruses
You can launch ClamTK through the command line by running the following command:
$ clamtk
Or, use the Activities Overview search bar to launch the application as follows:
This is how the ClamTK utility looks like:
Through this UI you can make the following configurations:
- View and set your preferences through the Settings icon
- View and update scanning whitelist through the Whitelist icon
- Edit proxy settings through the Network icon
- Schedule scan or signature update through the Scheduler icon
You can manage History, such as:
- View previous scans using the History icon
- Manage quarantined files through the Quarantine icon
Manage Updates such as:
- Updating antivirus signatures through the Update icon
- Configure signature update preferences through the Update Assistant icon
Most importantly, you can perform scanning Analysis such as:
- Scan a File
- Scan a directory
- View a file’s reputation through the Analysis icon
Remove
If you want to remove ClamTK that was installed using the above method, you can remove it from your system as follows:
Open the Ubuntu Software Manager and search for ClamTK. You will see the “Installed” status in the search entry. Click this entry and then click Remove from the following view:
The system will prompt you with an Authentication dialog. The software will be removed when you provide the password for sudo user and click Authenticate on the dialog.
So these were two ways to use the Clam Antivirus; through the command line and through the UI. You can install and use one, or even both, depending on your preference and make sure that your Ubuntu files are free of any malicious content.