How to Use the Free ClamAV Linux Antivirus Software

Scan your Linux or Windows system for the latest threats

ClamTK Graphical Linux Antivirus screenshot

 

Lifewire

By
Gary Newell
Writer
Gary Newell was a freelance contributor, application developer, and software tester with 20+ years in IT, working on Linux, UNIX, and Windows.
our editorial process
Gary Newell
Updated January 02, 2020

Linux is considered by many people to be more secure than Windows, but like any computer, it can be vulnerable to malware, viruses, and trojans. Though the risk for contracting viruses on Linux may be somewhat low, it is still present, yet many people don't use antivirus software on their Linux systems.

As cybersecurity and attacks increase in prevalence, it is worth adding the extra peace of mind that antivirus software offers. That doesn't mean you have to spend a lot, however. This is where ClamAV comes in.

A Free Antivirus Solution

ClamAV is an open-source antivirus software toolkit that detects malicious software and viruses on a variety of operating systems, including Linux. It is often used on mail servers to scan for viruses in emails. Updates to ClamAV are available for free.

Three good reasons you should consider ClamAV for Linux include:

  1. You have sensitive data on your computer, and you want to lock down your machine as much as possible.
  2. You dual boot with Windows. Use ClamAV to scan all of your drive partitions and all additional drives on your computer.
  3. You want to create a system rescue CD, DVD, or USB to troubleshoot viruses on a friend's Windows-based computer.

Installing ClamAV

ClamAV works through the command line although a tool called ClamTK provides a nice and simple graphical interface.

You will find ClamTK within the package managers of most distributions. For instance, Ubuntu users will find it in the Software Centre and openSUSE users will find it within Yast. Use the graphical desktop for your distribution to locate and run the ClamTK package. The process is slightly different depending on the desktop environment and distribution.

Using ClamTK

ClamAV on Linux

The main application is split into four sections:

  • Configuration is used to set up how you want ClamAV to run.
  • History lets you see the results of previous scans.
  • Updates enables you to import new virus definitions.
  • Analysis shows you how to start the scans.
Linux ClamAV updates

Before you scan for viruses, load up-to-date virus definitions. Select Updates, and then press OK to check for updates.

Customizing ClamAV

Linux ClamAV settings

To change the settings, select the Settings icon. Hovering over each checkbox displays a tooltip explaining the purpose of each option. The first four checkboxes allow you scan for password checkers, large files, hidden files, and scan folders recursively. The other two checkboxes update and toggle how the icons work within the application (e.g., whether you have to click them once or twice).

Scanning for Viruses

Linux ClamAV scanning

To scan for viruses, select either the Scan a File icon or Scan a Folder icon. As a starting point, choose the Scan a Folder icon. You will be shown a browse dialog box.

Choose the drive you wish to scan (e.g., the Windows drive), and press OK. ClamAV will search recursively through the folders, depending on settings, looking for suspicious elements.

ClamAV doesn't claim to offer 100 percent protection, but no antivirus software can make this claim. ClamAV is effective, however.