Linux detects the Windows virus

Linux Virus protection under Linux


One hears again and again that virus protection under Linux is superfluous. If you want to know why this is not quite true, you have come to the right place. In the following we explain to you which protective measures you can take for Linux.

Does Linux need anti-malware?

The benefits of anti-malware programs are hotly debated today, and there are calls from some corners of the security world to do without them completely - even under Windows. Viruses, worms, and Trojans have never been a serious problem on Linux. On the one hand, because Linux has a much better security / rights concept that simply makes it harder for attackers. On the other hand, it should be above all low market share of Linux on desktop computers owed - Linux is simply not a promising target for criminals. And on top of that, you have to assume that the average Linux user has a little more knowledge of IT.

Yet: There are at least two good reasons to install an anti-malware solution. On the one hand, it can also be used to check Windows installations and external data carriers running in parallel. For another, it's just a A little bit of security for the future. Who guarantees that the encryption blackmailers won't attack Linux at some point? At the latest, if Linux does make a breakthrough on the desktop, it will be an interesting goal. Of course, a running virus scanner costs a few resources, but that doesn't matter on any reasonably powerful computer. And of course you don't have to pay a cent for security software on Linux either.

The standard solution under Linux is ClamAV with the graphical user interface ClamTK, both Open source and therefore free of charge. Among the commercial providers, Sophos and Eset in particular have a good reputation - which cannot really be said about ClamAV. ClamAV has always been unable to keep up with the detection rates of commercial products - but it just keeps getting better.

In addition to the recognition rate, the commercial solutions another advantage: You monitor the system live - with ClamAV you scan the system, files or folders manually. Below you will find instructions for two variants: ClamTK and the full version of Eset NOD32, which costs around 30 euros per year.

Set up Eset NOD32

NOD32 can be installed quickly, but not simply by double-clicking - it takes three steps:

  1. Download the appropriate 32- or 64-bit version from
  2. Open the properties of the file and put under "Access rights"checkmark"Run the file as a program". Now start the file and install the program. A error message "ESET NOD32 for Linux needs the following packages to install: libc6-386, /lib/". In this case, proceed as follows:
  3. Open a terminal and give one after the other following commands a:

This brings your package sources up to date and then sets up the required dependencies. The installation routine is now run through cleanly, then NOD32 starts, updates itself and immediately protects the system.

Note: After purchasing a license for ESET NOD32, the program also needs a user and a password for activation. The reason is that the program is now considered "legacy" at ESET. Please contact ESET again via to receive the data.

Set up ClamTK

At ClamTK, the setup is extremely simple - only the (first) update is not a matter of course.

  1. Start Synaptic, the Ubuntu Software Center or another package manager and search for ClamTK. The usual is sufficient in the terminal
  2. If the package manager suggests additional packages for installation, e.g. ClamAV itself, accept this and let everything install.
  3. After starting ClamAV for the first time, you will be notified of outdated malware signatures - and you will probably miss an "Update" button. ClamTK updates itself automatically. If you want it immediately, quit ClamTK and start the "freshclam" tool in the terminal via sudo freshclam.

Then you can start ClamTK and the signatures should be up to date. The actual use of ClamTK is simple: Simply select using the buttons Folders or files to scan manually. In the settings it may be worthwhile to tick additional boxes, for example Include subdirectories in scans as well. Alternatively, test individual files and folders with a right click and the option "Open with".

So you are spoiled for choice: the paid one Eset NOD32 offers the best protection with the best user experience - but costs 30 euros per year. For an operating system that has practically no virus problems, that is quite a lot for private users. ClamTK can't quite keep up with the competition in terms of security, but is the easiest to set up and offers a very rudimentary, but at least simple graphical user interface. Of course there are other solutions for all three categories, ClamTK and Eset are just the best-known names in the game.