The 8 Best Free Anti-Virus Programs for Linux

Although Linux operating systems are fairly stable and secure, they may not completely be immune to threats. All computer systems can suffer from malware and viruses, including those running Linux-based operating systems. However, the number of critical threats to Linux-based operating systems is still way lower than threats for Windows or OS X.

Therefore, we need to protect our Linux systems from the various forms of threats such as viruses that can be transmitted in many ways including malicious code, email attachments, malicious URLs, rootkits to mention but a few.

In this article, we will talk about 8 best free anti-virus programs for Linux systems.

1. ClamAV

ClamAV is a free and open source, versatile anti-virus toolkit for Linux systems. It’s used for detecting trojans, viruses, malware and other malicious threats. It’s a standard for mail gateway scanning software; it supports almost all mail file formats.

The following are its well-known features:

  • It’s cross platform; works on Linux, Windows and Mac OS X
  • POSIX compliant, portable
  • Easy to install and use
  • Works primarily from the command-line interface
  • Supports on-access scanning (Linux only)
  • Provides a virus database update
  • It can scan within archives and compressed files (also protects against archive bombs), the built-in support includes Zip, Tar, 7Zip, Rar among others.

2. ClamTk

ClamTk is a lightweight graphical front-end for the popular command-line based ClamAV (Clam Antivirus), written using Perl and Gtk libraries for Unix-like systems such as Linux and FreeBSD.

It‘s designed to be an easy-to-use, on-demand anti-virus scanner. It’s a reliable graphical anti-virus software which runs smoothly, it’s excellent for getting things done fast.

3. ChkrootKit

ChkrootKit is a free and open source lightweight toolkit to locally check for signs of a rootkit.

It contains various programs/scripts which include:

  • chkrootkit – a shell script that checks system binaries for rootkit modification.
  • ifpromisc.c – it checks if an interface is in promiscuous mode.
  • chklastlog.c – this checks for lastlog deletions.
  • chkwtmp.c – this checks for wtmp deletions.
  • check_wtmpx.c – checks for wtmpx deletions (Solaris only).
  • chkproc.c – checks for signs of LKM trojans.
  • chkdirs.c – this checks for signs of LKM trojans.
  • strings.c – it performs quick and dirty strings replacement.
  • chkutmp.c – this checks for utmp deletions.

4. RookKit Hunter

Rootkit Hunter is remarkable lightweight, open source security monitoring and analyzing tool for POSIX compliant systems. It’s available for Linux and FreeBSD.

It’s a scanner for every kind of threats to a Linux system from backdoors, rootkits to various local exploits.

It’s other important features include:

  • It’s command-line based
  • It’s simple to use and offers thorough inspection capabilities.
  • It uses SHA-1 hash comparison to detect malicious entries.
  • It’s portable and compatible with most UNIX-based systems.

5. Comodo Anti-virus For Linux (CAVL)

Comodo is a powerful cross-platform anti-virus and email filtering software. Comodo Anti-virus For Linux offers great virus protection with the additional features for fully configurable anti-spam system.

Comodo anti-virus for Linux features include:

  • Simply install and forget, no annoying false alarms, just solid virus protection.
  • Provides proactive anti-virus protection intercepts all known threats.
  • Optional automatic updates for the most up-to-date virus protection.
  • Comes with a scan scheduler, detailed event viewer, and custom scan profiles.
  • Offers a mail filter which is compatible with Postfix, Qmail, Sendmail and Exim MTA’s.

6. Sophos For Linux

Sophos anti-virus for Linux is a stable and reliable anti-virus software for a wide range of Linux distributions.

It detects and eradicates viruses (including worms and Trojans) on your Linux computer. It can as well find and block all non-Linux viruses that might be stored on your Linux computer and transferred to non-Linux computers.

You can run all commands (except savscan, which is used to run on-demand scans) as root from the from the command-line interface.

Below are the notable features of Sophos For Linux:

  • Easy to install and runs quietly.
  • It’s effective and secure.
  • It can detect and block malware with on-access, on-demand, or scheduled scanning.
  • Offers excellent performance, with low impact on the system.
  • Offers extensive platform coverage.

7. BitDefender For Unices (Not Free)

BitDefender For Unices is a powerful and versatile anti-virus software suite for Linux and FreeBSD. It offers protection and on-demand scanning on both Unix-based and Windows-based disk partitions by scanning for viruses and malware.

The following are a few of its remarkable features:

  • Enables scanning of archives.
  • Supports desktop integration.
  • It has an intuitive GUI and powerful command line interface that supports OS scripting tools.
  • It can quarantine infected files into a protected directory.

8. F-PROT For Linux

F-PROT anti-virus for Linux workstations is a free powerful scanning engine for use on home/personal workstations. Developed to effectively get rid of viruses threatening workstations running Linux, it offers full protection against macro viruses and other forms of malicious software including Trojans.

Below are some of its exceptional features:

  • It supports both 32bit and 64bit versions of Linux x86.
  • It scans for over 2119958 known viruses and their variants.
  • It’s able to perform scheduled scans using cron.
  • It scans hard drives, CD-ROMS, diskettes, network drives, directories and specific files.
  • It can also scan for images of boot sector viruses, macro viruses, and Trojan Horses.

That’s all! Don’t believe that Linux-based operating systems are completely secure, get one of these free anti-viruses we have talked about to secure your workstation or server.

Do you have any thoughts to share with us? If yes, then make use of the feedback form below.

If you read this far, tweet to the author to show them you care. Tweet a thanks
Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

65 thoughts on “The 8 Best Free Anti-Virus Programs for Linux”

  1. Beware! Clam Av is bad news. Our Download went sky high and over the limit, each month till I tracked it down to AV clam somehow using lots of Data by running in the background.

    Nothing I did would fix it. The only solution was to use command lines I found online to completely remove Clam Av and TK. After that our system downloads went back to normal.

    • Define “NORMAL”.

      Obviously, Clam was not configured correctly.

      Uninstalling ClamAV and TK in your case was like amputating an arm because there was a cut and it was bleeding.

        • When I tried it, though it installed and found the usual “test signature” files OK, I later found that it in effect only knew about typical Windows viri.

          There was nothing to indicate that it could even have a hope in hell spotting anything that targeted Linux in any way, malware or viri.

          It also flatly refused to do any updates.

          That was running on Linux Mint, either an early 19. xx or 17.xx, I forget.

        • Much like Dave G8KBV said, ClamAV hardly detects anything (especially if it ain’t a particularly high-profile one), and much of the detections are either outright false or misnamed/-categorized. I’ve never had problems with updating ClamAV or the sigs, though, beyond Server downtime.

  2. From the Fprot website…

    Dear Valued Partner,

    This note is to inform you of the upcoming End-of-Sale (EOS) and End-of-Life (EOL) dates for the F-Prot Endpoint Antivirus products.

    • Yes, Sophos was – and still is – likely the best Linux AV around, so they will be sorely missed.

      Pretty much every Linux AV is now finished, except for Business versions which are simply too expensive for most home users ($250 upwards).

      ClamAV is pretty much it. That said, it is capable of running additional signatures, however, it still lags behind.


Got something to say? Join the discussion.

Have a question or suggestion? Please leave a comment to start the discussion. Please keep in mind that all comments are moderated and your email address will NOT be published.