How to clean virus by command line scan in Ubuntu and Linux Mint

Use ClamAV to scan entire PC, including Windows Partition!

Although Linux is less vulnerable to Virus infection, it is generally a good idea to still regularly scan entire PC, especially in a Windows-Linux dual-boot PC. Let’s take a look at how to perform a virus scan in an Ubuntu PC using ClamAV opensource antivirus program.

Using this guide one can scan Windows partition too to remove the virus. This guide is tested on Ubuntu 17.10 but should work in older versions of Ubuntu, Linux Mint, and elementary OS too.

Installing ClamAV

ClamAV is a popular free and open source software (FOSS) that is used for cleaning up malware from various situations including email scanning, web scanning, and endpoint security. It provides a command line scanner and an advanced tool for automatic database updates. Its Virus database gets updated multiple times per day.

Launch ‘Terminal’ (keyboard shortcut: <alt><control><t>) and enter the following command.

sudo apt-get install clamav

Pay attention to the Terminal and enter the root password and ‘Y’ when you see a prompt to complete the installation.

Installing ClamAV in Ubuntu 17.10
Installing ClamAV in Ubuntu 17.10

Updating ClamAV Virus Signature Database

Next, you should update ClamAV virus database with latest so that the scanner can detect the recent malware too.

Use the following command in the Terminal.

sudo freshclam

Did you see an error that resembles the following?

ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

The error indicates that ClamAV is currently running in the background. You need to stop the program before installing updates.

Updates ClamAV Virus Signatures
Updates ClamAV Virus Signatures

Enter the following command:

sudo /etc/init.d/clamav-freshclam stop

Time to update the virus database now.

sudo freshclam

Finally, restart ClamAV using the following command:

sudo /etc/init.d/clamav-freshclam start

Scanning File System using ClamAV

ClamAV operates only in the command line. Therefore, it’s important to know what commands are available with it. To know the complete list of commands for ClamAV, enter the following in Terminal.

man clamav

Enter ‘q’ to come out of man window.

You can use various combinations to do whatever you want. For example, if you want ClamAV to scan and list only the infected files in your home directory, the command would look like this:

 clamscan -i -r ~/

You will not see any progress in the terminal and may look like it’s not responding, but it is completely normal. ClamAV reports the summary after the scan is finished.

ClamAV Scan Report
ClamAV Scan Report

Use the following command to remove the virus as it finds:

 clamscan --remove=yes -i -r ~/

That’s it!

Kiran Kumar
Hi there! I'm Kiran Kumar, founder of FOSSLinux.com. I'm an avid Linux lover and enjoy hands-on with new promising distros. Currently, I'm using Ubuntu as a daily driver and run several other distros such as Fedora, Solus, Manjaro, Debian, and some new ones on my test PC and virtual machines. I have a day job as an Engineer, and this website is one of my favorite past time activities especially during Winter ;). When I'm not writing for FOSSLinux, I'm seen biking and hiking on scenic trails. Hope you enjoy using this website as much as I do writing for it. Feedback from readers is something that inspires me to do more, and spread Linux love!. If you find a time, drop me an email or feedback from the 'Contact' page. Or simply leave a comment below if you found this article useful. Have a good day!

3 COMMENTS

  1. Dear,

    Please guide me or give some solutions to scan malware on Centos.
    I am use VPS on Vultr and my website have get malware, some malware for SEO from attacker.
    How I scan and remove it from VPS.

    Thanks,
    Duong

  2. Not a programmer but love using Linux, no more Windows for me. Thanks so much for this extremely useful and important information.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

STAY CONNECTED

24,261FansLike
192FollowersFollow

LATEST ARTICLES

Uninstall Programs in Ubuntu
Uninstallation of programs can be done by graphical way using the Ubuntu Software Center, and the Synaptic Package manager. Command-line way of doing it is also possible using apt-get and aptitude commands. We shall discuss each one of them in detail.
Ubuntu 19.10 beta overview
It may be early, but I've been looking forward to the release of Ubuntu 19.10 for some time now. As an impatient person, and promised readers in the FOSSLinux article announcing the release of Eoan Ermine that we would provide you a review of Ubuntu 19.10 Eoan Ermine - Beta.  So, here it goes.
cool and fun linux commands
The real purpose of this article is to help Linux newbies get comfortable and confident with the Linux command-line.  While knowledge and comfort of the Linux GUI allow great power, it is the mastery of the command line, or CLI, affords the Linux user unlimited power and certifies them as a Linux power user well on their way to becoming an expert.