How to Install ClamAV on Ubuntu
ClamAV is a free and open-source antivirus software toolkit. The latest version of ClamAV, ClamAV v0.104.3, can be installed on Ubuntu in several steps.
Update the package index
Open the terminal and run the following command to update the package index:
sudo apt-get update
Install ClamAV and ClamAV-daemon. ClamAV-daemon is a background service that allows on-demand scanning.
sudo apt install clamav clamav-daemon
After the installation is complete, start the ClamAV-daemon:
sudo systemctl start clamav-daemon
Check the status of the ClamAV-daemon:
sudo systemctl status clamav-daemon
If the ClamAV-daemon is running, you should see a message indicating that it is active and running.
Update the ClamAV database:
This will download the latest virus definitions and update the ClamAV database.
sudo nano /etc/clamav/clamd.conf
Here, you can change various settings, such as the maximum size of files that will be scanned, the quarantine directory, and the logging level. Here is a sample configuration file that sets up the ClamAV log file and database directory, updates the virus database automatically, and specifies which types of files to scan and exclude from scanning. It also sets up actions to take on infected files and sets up a quarantine directory for infected files.
Note that some settings, such as the directories and paths, may need to be modified to fit the user’s environment. It is also recommended to review and customize the configuration file based on the user’s specific needs and requirements.
# Example ClamAV configuration file
LogFile /var/log/clamav/clamav.log
# Update settings
DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/freshclam.log
LogVerbose
LogFileMaxSize 0
LogTime yes
Foreground yes
# Set frequency of database updates
Checks 24
NotifyClamd /usr/local/sbin/clamd
# Scanning options
ScanMail yes
ScanArchive yes
ScanOLE2 yes
ScanPDF yes
ScanHTML yes
ScanPE yes
ScanELF yes
# Exclude scanning of files with certain extensions
ExcludeArchive .tar.bz2
ExcludeArchive .zip
ExcludeArchive .7z
ExcludePath /sys/
ExcludePath /proc/
MaxFileSize 100M
MaxRecursion 15
MaxScanSize 100M
# Actions to take on infected files
Alert yes
AlertEncrypted yes
AlertBroken yes
OnInfected /usr/local/bin/clamav-action.sh
# Quarantine options
QuarantineDirectory /var/quarantine
QuarantineMaxSize 0
Bytecode true
BytecodeSecurity TrustSigned
sudo nano /etc/clamav/freshclam.conf
Here, you can set the frequency of database updates and other settings. Here is an example of freshclam.conf, but you may need to adjust the settings based on your specific requirements and system setup. It’s important to ensure that the DatabaseDirectory is set to the correct path for your system, and that the UpdateLogFile points to a valid log file location. freshclam downloads updates from database.clamav.net. When configuring freshclam.conf, it’s also important to ensure that the file has the correct ownership and permissions. In most cases, the file should be owned by the ClamAV user and group, and have permissions of 0644.
# Comment or remove the Example line below.
Example
# Path to the local database directory.
DatabaseDirectory /var/lib/clamav
# Path to the daily.cvd file.
UpdateLogFile /var/log/freshclam.log
# The log file mode.
LogFileMode 0644
# The number of database checks to perform per day.
Checks 24
# The maximum amount of data to download in a single session.
MaxBytes 51200000
# The minimum number of database updates to perform per week.
MinDatabaseRevisions 2
# The time to wait between updates.
NotifyClamd /usr/sbin/clamd
# Number of retries to perform if a download fails.
OnUpdateRetry 3
# The time to wait before retrying a download.
OnUpdateRetryWait 60
# The user and group to run as.
User clamav
AllowSupplementaryGroups true
# Enable autoupdates.
DatabaseMirror database.clamav.net
# Comment or remove the line below to disable.
Checks 24
NotifyClamd /usr/sbin/clamd
How to Scan with ClamAV?
To scan a specific file:
To scan an entire directory:
clamscan -r /path/to/directory
The -r flag tells ClamAV to scan recursively through subdirectories.
How to set up autoscan?
To set up an automatic scan, you can use a tool such as “cron” to schedule the scan to run at a specific time or interval. For example, to run a daily scan at midnight, you could add the following line to your crontab:
0 0 * * * /usr/bin/clamscan -r /home/user
This will run the clamscan command with the -r flag (to recursively scan all files in the directory) on the /home/user directory at midnight each day.
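As an added example (not part of the original tutorial), the wrapper below runs the same recursive scan from cron but keeps a per-run log, moves detections to a quarantine directory with clamscan's --move option, and writes the outcome to syslog based on clamscan's exit code (0 no virus found, 1 virus found, 2 error). The --scan argument, the clamav-cron syslog tag and the default paths are assumptions; /var/log/clamav and /var/quarantine are borrowed from the sample configuration above.

```shell
#!/bin/sh
# Added example: cron wrapper for clamscan. Paths and names are assumptions.
CLAMSCAN="${CLAMSCAN:-/usr/bin/clamscan}"   # scanner binary, as in the crontab line
SCAN_DIR="${SCAN_DIR:-/home/user}"          # directory scanned by the crontab line
LOG_DIR="${LOG_DIR:-/var/log/clamav}"       # assumed location for per-run logs
QUARANTINE="${QUARANTINE:-/var/quarantine}" # assumed quarantine directory

# Translate clamscan's exit code: 0 = no virus found, 1 = virus(es) found,
# anything else = the scan itself failed and must not be read as "clean".
scan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Run one recursive scan. Prints the status word and returns clamscan's exit code.
run_scan() {
    scan_log="$LOG_DIR/scan-$(date +%Y%m%d-%H%M%S).log"
    if ! mkdir -p "$LOG_DIR" "$QUARANTINE" || ! chmod 700 "$QUARANTINE"; then
        scan_status 2
        return 2
    fi
    # -r: recurse, -i: report only infected files,
    # --move: relocate detections instead of deleting them.
    scan_rc=0
    "$CLAMSCAN" -r -i --log="$scan_log" --move="$QUARANTINE" "$SCAN_DIR" \
        >/dev/null 2>&1 || scan_rc=$?
    scan_status "$scan_rc"
    return "$scan_rc"
}

# Entry point for cron: <script> --scan
if [ "${1:-}" = "--scan" ]; then
    status=$(run_scan)
    rc=$?
    prio=user.info
    [ "$rc" -eq 0 ] || prio=user.warning
    # The syslog entry gives log monitoring something to alert on.
    logger -t clamav-cron -p "$prio" "scan of $SCAN_DIR: $status (exit $rc)"
    exit "$rc"
fi
```

Saved under a name of your choice (for example the hypothetical /usr/local/sbin/clamav-nightly.sh) and made executable, it replaces the clamscan call in the crontab line: 0 0 * * * /usr/local/sbin/clamav-nightly.sh --scan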