How to Install ClamAV on Ubuntu and Scan for Vulnerabilities

ClamAV is free and open-source antivirus software that can be used to find trojans, malicious software, and other viruses on your system. It is simple, easy to use, and capable of detecting over one million viruses and trojans. ClamAV supports various archive formats including Tar, Gzip, Zip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS, and also supports all mail file formats. It comes with several built-in tools, including a multi-threaded daemon, a command-line scanner, and a tool to update the database automatically.

Install ClamAV

By default, the ClamAV package is available in the Ubuntu 20.04 default repository. You can install it with the following command:

apt-get install clamav clamav-daemon -y

Update the Virus Database

Before updating the database manually, you will need to stop the clamav-freshclam service. Stop the service and then run freshclam with the following commands; freshclam prints its progress as shown:

systemctl stop clamav-freshclam
freshclam
Tue Apr  8 10:06:22 2025 -> ClamAV update process started at Tue Apr  8 10:06:22 2025
Tue Apr  8 10:06:22 2025 -> ^Your ClamAV installation is OUTDATED!
Tue Apr  8 10:06:22 2025 -> ^Local version: 0.103.12 Recommended version: 1.0.8
Tue Apr  8 10:06:22 2025 -> DON'T PANIC! Read https://docs.clamav.net/manual/Installing.html
Tue Apr  8 10:06:22 2025 -> daily.cld database is up-to-date (version: 27601, sigs: 2074431, f-level: 90, builder: raynman)
Tue Apr  8 10:06:22 2025 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Tue Apr  8 10:06:22 2025 -> bytecode.cld database is up-to-date (version: 336, sigs: 83, f-level: 90, builder: nrandolp)

Next, start the clamav-freshclam service and enable it to start at system reboot with the following commands:

systemctl start clamav-freshclam
systemctl enable clamav-freshclam

By default, freshclam stores all databases inside the /var/lib/clamav/ directory. You can list them with the following command:

ls /var/lib/clamav/
bytecode.cvd  daily.cvd  freshclam.dat main.cvd

Use Clamscan to Scan the Directory

Clamscan scans files and directories for viruses and, when run with the --remove option, deletes infected files immediately.

The basic syntax of Clamscan is shown below:

clamscan [options] [files-or-directories]

A brief explanation of the most commonly used options is shown below:

  • --infected : This option displays a list of all infected files.
  • --remove : This option removes all infected files from your system. Removal is permanent, so use it with care.
  • --recursive : This option will scan all directories and sub-directories.

For example, you can scan the /etc directory with the following command:

clamscan --infected --remove --recursive /etc

You should see the following output:

----------- SCAN SUMMARY -----------
Known viruses: 8908044
Engine version: 0.102.4
Scanned directories: 240
Scanned files: 754
Infected files: 0
Data scanned: 3.25 MB
Data read: 1.41 MB (ratio 2.30:1)
Time: 42.391 sec (0 m 42 s)
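
A report-only way to run the scan above from cron, shown as an added example that is not part of the original article: it leaves out --remove, parses the SCAN SUMMARY format shown above, and relies on clamscan's documented exit codes (0 = no virus found, 1 = virus found, 2 = error). The function names are hypothetical.

```shell
#!/bin/sh
# Added example: report-only clamscan wrapper (no --remove). Function names are hypothetical.

# Sample input: the SCAN SUMMARY shown in the article, embedded for offline use.
sample_summary() {
    cat <<'EOF'
----------- SCAN SUMMARY -----------
Known viruses: 8908044
Engine version: 0.102.4
Scanned directories: 240
Scanned files: 754
Infected files: 0
Data scanned: 3.25 MB
EOF
}

# Print the numeric value of one summary field read from stdin, or -1 if absent.
summary_field() {
    awk -F': ' -v key="$1" '
        $1 == key { print $2 + 0; found = 1; exit }
        END { if (!found) print -1 }'
}

# Map clamscan's exit code (0 = clean, 1 = virus found, 2 = error) and the
# parsed infected count to a single status word.
classify_scan() {
    case "$1" in
        0) if [ "$2" -eq 0 ]; then echo CLEAN; else echo INCONSISTENT; fi ;;
        1) echo INFECTED ;;
        *) echo ERROR ;;
    esac
}

# Scan a directory, print one status line plus any "FOUND" lines; succeed only if clean.
scan_report() {
    log=$(mktemp) || return 2
    clamscan --infected --recursive "$1" >"$log" 2>&1
    rc=$?
    infected=$(summary_field "Infected files" <"$log")
    status=$(classify_scan "$rc" "$infected")
    echo "$status target=$1 infected=$infected rc=$rc"
    grep ' FOUND$' "$log"
    rm -f "$log"
    [ "$status" = CLEAN ]
}

# Run only when a target directory is given, e.g.: sh scan_report.sh /etc
if [ "$#" -gt 0 ]; then scan_report "$1"; fi
```

A missing summary with exit code 0 is reported as INCONSISTENT rather than CLEAN, so a scan that was killed or produced no output does not pass silently.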