Make sure to check out our other articles on the best antivirus options for Mac and the best antivirus options for Android devices. Also, we have articles on how to detect rootkits on Windows and how to detect rootkits on Mac.
1. ClamAV
ClamAV is an open-source antivirus engine used to detect viruses, trojans, malware, and other malicious threats. It can run on a Linux server and Linux desktop. All actions with this tool use the command line. Features include:
Supports multiple languagesEasy-to-usePortableScans numerous file formats and mail gatewaysPOSIX compliant supportProvides a virus database update
ClamAV works through the terminal and doesn’t have a native GUI, although you can download your own. It can scan compressed files (supports Rar, Zip, 7Zip, and Tar) and archives. If you are looking for an automatic file scanner, ClamAV is not for you. It requires you to open the files first. Another downside of this program is its slow processing speed and infrequent system updates.
2. ClamTK
ClamTK is not a virus scanner in and of itself. It is a GUI for ClamAV. For those users who don’t like to use a command-line interface, ClamTK provides the same features as ClamAV via an easy to use graphical interface. The main feature of ClamTK is to be able to use all the advanced features of Clam AV in a simple GUI. Other features include:
Exclude folders and files with white-list featureSchedule scans easilySupports folder scanning integration with all major desktop environmentsCan be installed on most popular Linux operating systemsConfigure scan schedulesManually scan individual directories and filesDownload definition updatesUsers can securely delete files that have been moved into the quarantine managerQuickly access scan logs from history browser
Both ClamTK and ClamAV are available in many mainstream Linux distributions’ software repositories.
3. Comodo Antivirus
Sometimes referred to as CALV, Comodo Antivirus includes an on-demand scanner, real-time behavioral analysis, and spam mail protection and anti-phishing. Other features of this free antivirus program include:
Custom scanning profilesRegular and automatic updatesCloud-basedDelivers 360-degree protection against zero-day and unknown malwareVirus definitions are updated many times a day
Comodo Antivirus might be too complicated for those who are not tech-savvy. Be careful and pay attention when installing the free version. By default, Comodo will automatically change your browser and primary search engine. Comodo also has no web filtering or URL blocking. For advanced users looking for a feature-rich and highly configurable antivirus program, Comodo is a good choice. Average users might find it too difficult to use.
4. Rootkit Hunter
Rootkit Hunter is a small utility that uses backdoor and other local exploits to detect trojans and viruses. Other features include:
Easy-to-use and fastWorks from the command linePortableSupports many Linux distributions
Rootkit Hunter detects rootkits by scanning for unrecognized changes in files. To recognize if there has been a change, Rootkit needs to know what the files should look like on a clean system. Therefore, you must install it to get a baseline for future scans. If you wait until your system is infected, Rootkit Hunter will not be very useful.
5. F-Prot
F-Prot is a free antivirus program for Linux home users to keep their systems free of malware. It scans for ransomware, boot sector viruses, and other malicious threats. It includes other features such as:
Compatible with 32 and 64-bitUses GUI or command-line interfacePortableDoes not affect system performanceScans an enormous database of known threats (over 21 million) and their other variantsPerforms scheduled scanningDetects different infection types including boot sectors
F-Prot doesn’t include Internet security tools such as virtual keyboards, browser extensions, or phishing detectors to protect against keyloggers’ efforts. However, for those interested in an effective and functional antivirus program, it is a good choice.
6. Chkrootkit
Chkrootkit is a set of tools used to detect the presence of rootkits. It is free and open-source. Chkrootkit has many other features, such as:
Available for multiple Linux distributionsDetects almost all the latest rootkits because the open-source community keeps it up to dateFast and easy to useLightweight and portableCan be burned to USB or CDRuns from terminalEfficiently detects altered wtmp and lastlog files to alert administrators about intrusions
Chkrootkit doesn’t release new versions as often as some of the other antivirus programs.
7. Sophos
Sophos anti-virus software detects and eradicates viruses (including Trojans and worms) for a wide range of Linux distributions. Below are some of the features of Sophos:
Detects and blocks malware with on-demand, scheduled, or on-access scanningUpdates are typically under 50KB and have little impact on system performanceRuns quietly and easy to installCan run all commands (except savscan) from the command-line interface as rootUses live protection to find malicious files in real-timeConfigure scanning for local and network drives
By detecting and blocking non-Linux viruses that might be stored on your computer, Sophos prevents your Linux system from being affected by malware from other operating systems you might be using. Sophos doesn’t come with a built-in GUI. The free version doesn’t give access to subscriptions or technical support. Even though Linux systems are better protected than Windows, there is no way to be 100% safe from malicious threats. Why not protect your computer by installing at least one of the free antivirus programs above?