How to Install ClamAV on Ubuntu

by

How to Install ClamAV on Ubuntu

You can install ClamAV on Linux Ubuntu by following the steps below.

Step 1: Update the Package Repository Index 

To update the package repository index, you can execute the following command.

sudo apt-get update

Step 2: Install ClamAV

To install the ClamAV, you can execute the following command.

sudo apt-get install clamav clamav-daemon -y

Here is the output.

root@noufal:~# sudo apt-get install clamav clamav-daemon -y
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  clamav-base clamav-freshclam clamdscan libclamav9 libltdl7 libtfm1
Suggested packages:
  libclamunrar clamav-docs daemon libclamunrar9
The following NEW packages will be installed:
  clamav clamav-base clamav-daemon clamav-freshclam clamdscan libclamav9 libltdl7 libtfm1

Step 3: Confirm the ClamAV Version

After installing ClamAV, execute the following command to confirm the ClamAV version.

root@noufal:~# clamscan --version
ClamAV 0.103.8/26825/Mon Feb 27 08:24:38 2023

Step 4: Update the ClamAV Signature Database

ClamAV detects malware using virus signature databases. The most recent signatures are regularly updated in these databases. To keep protected, you must also download and install these updates on your ClamAV installation.

To update the ClamAV Signature Database, follow these steps.

Stop the ClamAV Service

You will need to execute the following command to stop the ClamAV service.

sudo systemctl stop clamav-freshclam

Manually Update the ClamAV Signature Database

You must execute the following command to update the ClamAV signature database manually.

sudo freshclam

Here is the output.

root@noufal:~# sudo freshclam
Thu Mar 2 06:10:22 2023 -> ClamAV update process started at Tue Mar 2 06:10:22 2023
Thu Mar 2 06:10:22 2023 -> daily.cvd database is up-to-date (version: 26825, sigs: 2021909, f-level: 90, builder: raynman)
Thu Mar 2 06:10:22 2023 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Thu Mar 2 06:10:22 2023 -> bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)

Start the ClamAV Service

You will need to execute the following command to start the ClamAV service.

sudo systemctl start clamav-freshclam

You can list the options available with ClamAV by executing the following command.

man clamscan

To scan a directory recursively, execute the command below.

clamscan --infected --remove --recursive foldername

To scan a file, execute the command below.

clamscan --remove filename

Here are explanations of some portions of the commands.

-i, –infected: Only show infected files on the screen. Clean files are not displayed. To suppress, use this option.

-r, –recursive: Scan the folder and its subfolders recursively. Avoid using this setting to restrict the scan to the top folder.

–remove: Remove infected files automatically. If a false-positive detection occurs when using this option, ClamAV will also delete those files.

Leave a Comment