18

I think I may have a virus. How would I go about checking for a virus and how can I protect my computer from any other virus? Please give detailed answer as I'm still learning about Ubuntu.

Olli
  • 8,971
user238385
  • 181
  • 1
  • 1
  • 3
  • 1
    @Alvar: False. While more resilient than Windows, it is technically possible to get a virus on Ubuntu. http://en.wikipedia.org/wiki/Linux_malware#Viruses_and_trojan_horses – roadmr Feb 06 '14 at 19:40
  • @Alvar It isn't technically impossible, but it is very hard and almost unheard of. – Seth Feb 06 '14 at 19:40
  • What makes you think you have a virus? – roadmr Feb 06 '14 at 19:41
  • 1
    There are plenty of malwares aimed at Linux distros. People are making botnet out of everything these days. Anything that can be connected to the internet can be attacked. – Sam Redway Nov 02 '16 at 21:35

2 Answers2

35

To scan for viruses on Linux, you'd us clamav. You can install it from the repositories using the software center.

If you're new to Linux, this is the perfect time to try out the command line interface, because it works well, and it's hard to screw anything up.

If you're feeling up to it, open a terminal window by typing Ctrl+Alt+t.

In that window, type sudo apt-get install clamav. This will tell the computer that a "super user" is telling it to install the clamav virus scanning software. It will ask for your password.

Now that you've installed the software, you need to update the files that it uses to identify viruses. You should type sudo freshclam. Your computer will know you're a super user because you just typed in your password a few seconds ago.

When all is done, you're ready to scan. If you'd like to scan your home directory (all your user files), you'd type something like

 clamscan --remove=yes -i -r ~/

This calls on clamscan to remove any virus it finds, show you only infected files, to act recursively by running through every subdirectory of you home directory. ~/ is shorthand for your home directory. You might want to run it without the --remove flag just to see what it finds first.

If you were to type man clamscan you'd see a list of options. As I said, this is a great place to start using the command line.

Kevin Bowen
  • 19,615
  • 55
  • 79
  • 83
Marc
  • 9,980
  • 1
    What's the expected result from running clamscan? Without sudo I'm getting killed as a return and with sudo I get nothing. Using --log=FILE complains about privileges. – Elliot Lewis Jun 06 '16 at 11:02
  • 11
    I noticed that when you install clamav it runs freshclam in the background by default. I'm thinking that this is happening because when I tried to run freshclam I got a file lock exception due to another process accessing the log. So you will probably have to wait an hour or so after installing to run the update yourself if you feel that it is necessary. If you don't want to wait you can do sudo /etc/init.d/clamav-freshclam stop then start the update with sudo freshclam -v and when that finishes run sudo /etc/init.d/clamav-freshclam start https://ubuntuforums.org/showthread.php?t=1032147 – kpie Oct 21 '16 at 04:57
  • When I run sudo freshclam I am getting this error. lohith@lohith-System-Product-Name:~$ sudo freshclam ERROR: /var/log/clamav/freshclam.log is locked by another process ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log). ERROR: initialize: libfreshclam init failed. ERROR: Initialization error! Can anyone help me I am kinda new to linux. – MrBadAttitude Jan 09 '21 at 09:11
  • you can run cd / to get to the root folder, followed by sudo clamscan --remove=yes -i -r ./ --log=/home/<yournormalusername>/clamscanlog

    where you need to add your usual user home folder in the place of . This is because your usual home folder is accessible to clamscan for logging otherwise it might complain about "check permission". This worked for me.

     – Bharat Mallapur Feb 03 '22 at 21:19
0

Avast! has free antivirus for Linux, which you can use to check Ubuntu for viruses and remove if any were found. Here is how you can install it.

  1. Download it form here
  2. Open the file and install it
  3. register your free account here

  4. You must change Ubuntu's shmmax to accept updates(as they are too big). This is how you can do this. Open terminal (Ctrl + Alt + T) and enter:

    gksudo gedit /etc/init.d/rcS

    Add this line of code in a new line directly before the line, which should already be there, exec /etc/init.d/rc S

    sysctl -w kernel.shmmax=128000000

  5. Save it and restart computer

BuZZ-dEE
  • 14,223
Dusan Milosevic
  • 1,952
  • 6
  • 27
  • 48
  • 6
    Of course, you'd have your security to closed-source software. If I wanted to do that, I'd run Windows or OSx. And you're really searching your email for Windows viruses anyway. – Marc Feb 06 '14 at 20:45
  • I agree with you on this, but the fact is, you cannot have everything open source. – Dusan Milosevic Feb 06 '14 at 20:48
  • 3
    Perhaps everyone can't but I can come as close as possible, especially with security software. – Marc Feb 06 '14 at 21:02
  • 1
    Not anymore. The first link gives a 404 error. – FractalBob Sep 27 '22 at 12:37