How to Use the Free ClamAV Linux Antivirus Software

Scan your Linux or Windows system for the latest threats

by
Gary Newell
Writer
Gary Newell was a freelance contributor, application developer, and software tester with 20+ years in IT, working on Linux, UNIX, and Windows.
our editorial process
Gary Newell
Updated on March 13, 2020

Linux is considered by many people to be more secure than Windows, but like any computer, it can be vulnerable to malware, viruses, and trojans. Though the risk for contracting viruses on Linux may be low, it is present, yet many people don't use antivirus software on their Linux systems.

As cybersecurity and attacks increase in prevalence, it is worth adding the extra peace of mind that antivirus software offers. That doesn't mean you have to spend a lot, however. This is where ClamAV comes in.

A Free Antivirus Solution

ClamAV is an open-source antivirus software toolkit that detects malicious software and viruses on a variety of operating systems, including Linux. It is often used on mail servers to scan for viruses in emails. Updates to ClamAV are available for free.

Three reasons you should consider ClamAV for Linux include:

  • You have sensitive data on your computer, and you want to lock down your machine as much as possible.
  • You dual boot with Windows. Use ClamAV to scan all drive partitions and additional drives on your computer.
  • You want to create a system rescue CD, DVD, or USB to troubleshoot viruses on a friend's Windows-based computer.

Install ClamAV

ClamAV works through the command line. However, a tool called ClamTK provides a simple graphical interface.

You will find ClamTK in the package managers of most distributions. For example, Ubuntu users will find it in the Software Centre, and openSUSE users will find it within Yast.

Use the graphical desktop for your distribution to locate and run the ClamTK package. The process is slightly different depending on the desktop environment and distribution.

Use ClamTK

The main application is split into four sections:

  • Configuration is used to set up how you want ClamAV to run.
  • History lets you see the results of previous scans.
  • Updates enables you to import new virus definitions.
  • Analysis shows you how to start the scans.
ClamAV on Linux

Before you scan for viruses, load up-to-date virus definitions. Select Updates, then press OK to check for updates.

OK button in ClamAV

Customize ClamAV

To change the settings, select the Settings icon. Hover over each checkbox to display a tooltip explaining the purpose of each option. The first four checkboxes allow you to scan for password checkers, large files, hidden files, and scan folders recursively. The other two checkboxes update and toggle how the icons work within the application (for example, whether you have to click icons once or twice).

Linux ClamAV settings

Scan for Viruses

To scan for viruses, select either the Scan a File icon or Scan a Folder icon. As a starting point, choose the Scan a Folder icon. You are shown a browse dialog box.

Choose the drive you wish to scan (for example, the Windows drive), then press OK. ClamAV searches recursively through the folders, depending on the settings, and looks for suspicious elements.

ClamAV doesn't claim to offer 100% protection, but no antivirus software can make this claim. ClamAV is effective, however.

Linux ClamAV scanning
Was this page helpful?