Although Linux is less vulnerable to Virus infection, it is generally a good idea to still regularly scan entire PC, especially in a Windows-Linux dual-boot PC. Let’s take a look at how to perform virus scan in an Ubuntu PC using ClamAV opensource antivirus program. Using this guide one can scan Windows partition too to remove the virus. This guide is tested on Ubuntu 17.10 but should work in older versions of Ubuntu, Linux Mint, and elementary OS too.
ClamAV is a popular free and open source software (FOSS) that is used for cleaning up malware from various situations including email scanning, web scanning, and endpoint security. It provides a command line scanner and an advanced tool for automatic database updates. Its Virus database gets updated multiple times per day.
Launch ‘Terminal’ (keyboard shortcut: <alt><control><t>) and enter the following command.
sudo apt-get install clamav
Pay attention to the Terminal and enter the root password and ‘Y’ when you see a prompt to complete the installation.
Updating ClamAV Virus Signature Database
Next, you should update ClamAV virus database with latest so that the scanner can detect the recent malware too.
Use the following command in the Terminal.
Did you see an error that resembles the following?
ERROR: /var/log/clamav/freshclam.log is locked by another process ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
The error indicates that ClamAV is currently running in the background. You need to stop the program before installing updates.
Enter the following command:
sudo /etc/init.d/clamav-freshclam stop
Time to update the virus database now.
Finally, restart ClamAV using the following command:
sudo /etc/init.d/clamav-freshclam start
Scanning File System using ClamAV
ClamAV operates only in the command line. Therefore, it’s important to know what commands are available with it. To know the complete list of commands for ClamAV, enter the following in Terminal.
Enter ‘q’ to come out of man window.
You can use various combinations to do whatever you want. For example, if you want ClamAV to scan and list only the infected files in your home directory, the command would look like this:
clamscan -i -r ~/
You will not see any progress in the terminal and may look like it’s not responding, but it is completely normal. ClamAV reports the summary after the scan is finished.
Use the following command to remove the virus as it finds:
clamscan --remove=yes -i -r ~/