ClamAV is an open-source (GPL) antivirus engine designed for detecting Trojans, viruses, malware, and other malicious threats. It is the de-facto standard for mail gateway scanning. It provides a high-performance multi-threaded scanning daemon, command-line utilities for on-demand file scanning, and an intelligent tool for automatic signature updates.

Follow the below steps to install ClamAV on Ubuntu

( Not Ubuntu? Here are the steps to install ClamAV on Debian and CentOS )

Install ClamAV using apt-get. ( The default Ubuntu repo has ClamAV, so we don’t have to add any additional repo to install it. )

sudo apt-get install clamav clamav-daemon clamtk

There the “clamav” is the scanner, and “clamtk” is the graphical front end. If you don’t want a GUI, you don’t have to install “clamtk”.

Run the below command to update the virus definitions.

sudo freshclam

Start the ClamAV.

sudo /etc/init.d/clamav-daemon start

Now open a new screen session and scan the whole system by running the below command.

clamscan -ril /opt/clamscan.log /

( Please note that this will take hours to complete depending on the disk usage in your system, which is why we are running it in a screen session. )

You can detach and enter to screen session any time and check the status frequently.

You will get the scan result at the end, and the command will only list the infected files. You can find the files in “/opt/clamscan.log”. ( grep the word FOUND ) You may either manually remove or correct these files or else run the below command that will permanently remove all infected files in your system ( Make sure to run in a screen session )

clamscan -ril /opt/clamscan.log --remove /

That’s it!! You have removed the virus and malicious codes from your system.

So that’s how you install ClamAV on Ubuntu.