Install ClamAV Anti-Malware Protection on Ubuntu 20.04 - How to do this ?

Although it is said that malware that infects Linux is not very common, it is still a very good idea to install anti-malware protection software on your Linux machine. If you transfer files between machines or exchange files with other computer users, you may want to scan such files for viruses and other forms of malware.

Here at LinuxAPT, as part of our Server Management Services, we regularly help our Customers to perform Software Installation tasks on their Linux Servers.

In this context, we shall look into how to install ClamAV — an open-source anti-malware protection software developed by Cisco Systems on Ubuntu.

Also, we will install a graphical tool for using ClamAV called ClamTK.

How to install ClamAV on Ubuntu ?

To begin, run the following command to update the list of packages on Ubuntu if you have not done so in a while:

$ sudo apt-get update

Run the next command to begin installing ClamAV:

$ sudo apt-get install clamav

If prompted, enter y to continue installing ClamAV.

How to Download the Latest ClamAV Virus Database on Ubuntu ?

ClamAV uses a frequently updated database of known viruses. The database files are stored in /var/lib/clamav by default.

i. First, run the command below to stop the ClamAV database updater service so that the necessary files can be successfully accessed:

$ sudo systemctl stop clamav-freshclam

ii. Next, download the latest ClamAV virus database by running the following command:

$ sudo freshclam

iii. You may now start the ClamAV database updater by running the command below:

$ sudo systemctl start clamav-freshclam

iv. To ensure that the ClamAV database updater service is always started whenever the system boots, run the next command:

$ sudo systemctl enable clamav-freshclam

How to Perform a Manual Scan with clamscan on Ubuntu ?

For your basic scanning tasks, ClamAV includes a command-line tool called clamscan.

The basic usage of the clamscan command is:

$ clamscan [options] [file or directory path to scan]

To see all available clamscan options, run:

$ man clamscan

Some common options for using clamscan include:

–log=file – to save the scan report to the specified file

–bell – to sound a bell when a virus is detected

–recursive – to scan all subfolders within the specified directory

–max-filesize=xm – to skip files larger than xm, where x is a number and m means megabytes

For example, the following command scans everything in my home directory:

$ clamscan -r /home/linuxapt

How to Schedule a Daily Scan with clamscan on Ubuntu ?

In order to schedule a daily scan, you could create a small script in /etc/cron/cron.daily containing the clamscan instructions.

i. Run the following command to create the script file.

$ sudo nano /etc/cron.daily/clamscan_daily

As an example, the script below will recursively scan my Downloads folder. 

ii. You may copy this script but remember to edit the folder path to scan on the second line.

#!/usr/bin/env bash
clamscan -r /home/shola/Downloads

iii. Save changes and close the file.

iv. Next, run the command below to make the script file executable.

$ chmod +x /etc/cron.daily/clamscan_daily

The script will automatically run once a day.

How to Install ClamTK on Ubuntu ?

ClamTK is a free tool that you can use to easily manage the ClamAV anti-malware software through a graphical user interface. This can be used as an alternative to the clamscan command-line tool.

To install ClamTK, run the following command:

$ sudo apt-get install clamtk

How to Launch ClamTK on Ubuntu ?

You can launch ClamTK either from the Applications menu > Accessories or by running the following command in the Ubuntu terminal:

$ clamtk

How to Configure ClamTK ?

In the Virus Scanner window that appears, you will see options to quickly configure settings, perform a manual scan, schedule a scan, view the quarantine, and so on.

How to Configure clamtk settings ?

In the Virus Scanner main Window, click Settings and then check all options.

Then, Click Back to return to the main window.

How to Configure clamtk scheduler ?

1.  In the main window, click Scheduler

2.  Use the + and – buttons to set a time to scan your home directory

3.  Remember to click the big green plus icon to confirm your settings

4.  You should then see a message at the bottom of the window indicating that a daily scan has been scheduled

You could also schedule a time to manually update the ClamAV virus database if you wish. But you would first need to:

1.  Go back to the main window

2.  Click Update Assistant

3.  Choose “I would like to update signatures myself

4.  Apply the changes and then go back to Scheduler to set your preferred time

When you are done, remember to click the shiny star icon to confirm your schedule.

How to Perform a manual scan with ClamTK ?

1.  In the main Virus Scanner window, click either Scan a file or Scan a directory to perform a one-time scan of a file or folder respectively

2.  In the window that appears, click a location on the left and then select the specific file or folder on the right to scan

3.  Click OK to begin scanning.

How to Uninstall ClamAV from Ubuntu ?

The following command will uninstall ClamAV on Ubuntu:

$ sudo apt-get remove clamav*

How to Uninstall ClamTK from Ubuntu ?

The following command will uninstall ClamTK on Ubuntu:

$ sudo apt-get remove clamtk*

[Need urgent assistance in fixing missing packages on Ubuntu? We are available to help you today. ]

This article covers how to install and configure ClamAV and ClamTK to scan for malware on Ubuntu 20.04. 

There aren't many viruses made for Linux distributions and as such, most people who use such systems don't even bother using antivirus software. 

Those however who do want to be able to scan their system or other Windows-based systems that are connected to a Linux PC through a network can use ClamAV. 

ClamAV is an open-source anti-virus engine that is built to detect viruses, trojans, malware, and other threats. 

It supports multiple file formats (documents, executables, or archives), utilizes multi-thread scanner features, and receives updates for its signature database at least 3-4 times a day.

To ClamAV Antivirus on Ubuntu:

The first step is to install and get the latest signature updates. To do this on Ubuntu, you can open a terminal and insert "sudo apt-get install clamav" and press enter.

$ sudo apt install clamav

You may also build ClamAV from sources to benefit from better scanning performance.

To update the signatures, you type "sudo freshclam" on a terminal session and press enter.

$ sudo freshclam

Now we are ready to scan our system. 

To do this, you can use the "clamscan" command. 

This is a rich command that can work with many different parameters so you'd better insert "clamscan –-help" on the terminal first and see the various things that what you can do with it:

$ clamscan –-help

To Update ClamAV Signature Database:

1. Stop the ClamAV process:

$ systemctl stop clamav-freshclam

2. Manually update the ClamAV signature database:

$ freshclam

3. Restart the service to update the database in the background:

$ systemctl start clamav-freshclam

Related Posts