How to Install ClamAV on Ubuntu

How to Install ClamAV on Ubuntu

ClamAV is a popular open source anti-virus (AV) scanner available for Windows, macOS, and Unix-based systems. ClamAV can quarantine and delete infected files, emails, websites, and more. ClamAV is also available as a cPanel server plugin.

Below we’ll cover how to install ClamAV, update the signature database, and run common command-line interface (CLI) commands.

How to Install and Use ClamAV

You may have to use sudo before each command if you’re not already logged in as root (e.g. sudo apt-get update).

Installing ClamAV is easy with the Ubuntu APT package.

  1. Update your package lists:
    sudo apt-get update
  2. Install ClamAV:
    sudo apt-get install clamav clamav-daemon -y

After you finish the installation, ensure your ClamAV virus signatures are up to date.

  1. Stop the ClamAV process:
    sudo systemctl stop clamav-freshclam
  2. Manually update the ClamAV signature database:
    sudo freshclam
  3. Restart the service to update the database in the background:
    sudo systemctl start clamav-freshclam

Below are the most common options for using ClamAV clamscan in the terminal.

Scan all files, starting from the current directory:

clamscan -r /

Scan files but only show infected files:

clamscan -r -i /path-to-folder

Scan files but don’t show OK files:

clamscan -r -o /path-to-folder

Scan files and send results of infected files to a results file:

clamscan -r /path-to-folder | grep FOUND >> /path-folder/file.txt

Scan files and move infected files to a different directory:

clamscan -r --move=/path-to-folder /path-to-quarantine-folder

You can also create a cron job to run ClamAV scans automatically.

To learn more about clamscan options, check the manual:

man clamscan

Those running Linux on a local machine with a window manager can also install the ClamTK graphical wrapper.

Looking for other ways to improve your server security posture? See if Sucuri’s web application firewall (WAF) is right for you. Let us know if you have any further questions.

With our Cloud VPS plans, you can deploy a lightning-fast, reliable cloud platform with built-in redundancy – ensuring the availability of your environment!
J
Jacqueem Content Writer I

Technical writer focused on cybersecurity and musicianship.

More Articles by Jacqueem

12 Comments

    • Hello Borysr – You don’t need to edit the files after you first install it. However, if your configuration requires that you modify these files, then you would make changes to them. There are many options for the Clamd.conf file – it configures the Clam antivirus daemon. You can see the man options here: https://manpages.ubuntu.com/manpages/bionic/man5/clamd.conf.5.html. The freshclam.conf is a configuration file for the updater. You can see more info on it here: https://manpages.ubuntu.com/manpages/bionic/en/man5/freshclam.conf.5.html

    • That’s a good point – ClamAV does tend to be resource intensive. I spoke to some of our team’s Ubuntu experts, and we recommend that you only run ClamAV scans during periods of low traffic on your server to avoid potential resource usage issues. Hope that helps!

  • Excellent work. I installed ClamAV on Ubuntu 21.04 – Mate, encountering zero problems. Your work is Complete, Clear, Concise, and Correct! Thank you!

Was this article helpful? Let us know!