众所周知，Linux 系统比 Windows 更安全^{(more secure than Windows)}。然而，这并不意味着他们完全不受威胁。对Linux系统的^(Linux)恶意软件^(Malware)攻击正在增加。本文将介绍七款适用于Linux的免费防病毒程序。

请^(Make)务必查看我们关于适用于 Mac^{(best antivirus options for Mac)}的最佳防病毒选项和适用于 Android 设备^{(antivirus options for Android devices)}的最佳防病毒选项的其他文章。此外，我们还有关于如何在 Windows 上检测 rootkit^{(how to detect rootkits on Windows)}以及如何在 Mac 上检测 rootkit 的文章^{(how to detect rootkits on Mac)}。

1. ClamAV

ClamAV是一个开源防病毒引擎，用于检测病毒、木马、恶意软件和其他恶意威胁。它可以在Linux服务器和Linux桌面上运行。

此工具的所有操作都使用命令行。特点包括：

• 支持多种语言
• 便于使用
• 便携的
• 扫描多种文件格式和邮件网关
• POSIX 兼容支持
• 提供病毒库更新

ClamAV通过终端运行，没有原生GUI，但您可以下载自己的。它可以扫描压缩文件（支持Rar、Zip、7 Zip和Tar）和存档。

如果您正在寻找自动文件扫描仪，ClamAV不适合您。它要求您先打开文件。 

该程序的另一个缺点是处理速度慢和系统更新不频繁。

2. ClamTK

ClamTK本身并不是病毒扫描程序。它是ClamAV的^(ClamAV)GUI。对于不喜欢使用命令行界面的用户，ClamTK通过易于使用的图形界面提供与ClamAV相同的功能。

ClamTK的主要特点是能够在一个简单的GUI中使用^(GUI)Clam AV的所有高级功能。其他功能包括：

• ^(Exclude)使用白名单功能排除文件夹和文件
• 轻松安排扫描
• 支持与所有主要桌面环境的文件夹扫描集成
• 可以安装在最流行的Linux操作系统上
• 配置扫描计划
• 手动扫描单个目录和文件
• 下载定义更新
• 用户可以安全地删除已移动到隔离管理器中的文件
• 从历史浏览器快速^(Quickly)访问扫描日志

ClamTK和ClamAV在许多主流Linux发行版的软件存储库中都可用。^(ClamTK)

3. 科摩多杀毒软件^{(3. Comodo Antivirus)}

Comodo Antivirus有时称为 CALV，包括按需扫描程序、实时行为分析以及垃圾邮件保护和反网络钓鱼。

此免费防病毒程序的其他功能包括：

• 自定义扫描配置文件
• 定期和自动更新
• 基于云的
• 针对零日和未知恶意软件提供 360 度保护
• 病毒^(Virus)定义每天更新多次

Comodo Antivirus对于那些不精通技术的人来说可能太复杂了。安装免费版时要小心谨慎。默认情况下，Comodo会自动更改您的浏览器和主要搜索引擎。

Comodo也没有网络过滤或URL 阻止^{(URL blocking)}。

对于寻求功能丰富且高度可配置的防病毒程序的高级用户，Comodo是一个不错的选择。普通用户可能会发现它太难使用了。

4. Rootkit 猎人^{(4. Rootkit Hunter)}

Rootkit Hunter是一个小型实用程序，它使用后门和其他本地漏洞来检测特洛伊木马和病毒。

其他功能包括：

• 易于使用且快速
• 从命令行工作
• 便携的
• 支持许多 Linux 发行版

Rootkit Hunter通过扫描文件中无法识别的更改来检测Rootkit 。^(rootkits)要识别是否发生了变化，Rootkit需要知道文件在干净的系统上应该是什么样子。因此，您必须安装它以获得未来扫描的基准。

如果您等到您的系统被感染，Rootkit Hunter将不会很有用。

5. F-Prot

F-Prot是一个免费的防病毒程序，供Linux家庭用户使用，以使他们的系统免受恶意软件的侵害。它会扫描勒索软件、引导扇区病毒和其他恶意威胁。

它包括其他功能，例如：

• 兼容 32 位和 64 位
• 使用 GUI 或命令行界面
• 便携的
• 不影响系统性能
• 扫描^(Scans)包含已知威胁（超过 2100 万个）及其其他变种的庞大数据库
• 执行计划扫描
• 检测不同的感染类型，包括引导扇区

F-Prot不包括Internet安全工具，例如虚拟键盘、浏览器扩展或网络钓鱼检测器，以防止键盘记录器的攻击。 

但是，对于那些对有效且功能强大的防病毒程序感兴趣的人来说，这是一个不错的选择。

6.Chkrootkit

Chkrootkit是一组用于检测是否存在 rootkit 的工具。它是免费和开源的。

Chkrootkit还有许多其他功能，例如：

• 适用于多个Linux发行版
• 检测几乎所有最新的 rootkit，因为开源社区保持最新
• 快速和容易使用
• 轻巧便携
• 可以刻录到 USB 或 CD
• 从终端运行
• 有效检测更改的wtmp和lastlog文件，以提醒管理员有关入侵

Chkrootkit不会像其他一些防病毒程序那样频繁地发布新版本。

7. 索福斯^{(7. Sophos)}

Sophos防病毒软件可检测并根除各种Linux发行版的病毒（包括^(Linux)特洛伊木马和蠕虫） 。

以下^(Below)是Sophos的一些功能：

• 通过按需、计划或按访问扫描检测和阻止恶意软件
• 更新通常小于 50KB，对系统性能影响不大
• 运行安静且易于安装
• 可以以 root 身份从命令行界面运行所有命令（savscan 除外）
• 使用实时保护实时查找恶意文件
• 配置扫描本地和网络驱动器

通过检测和阻止可能存储在您计算机上的非 Linux 病毒，Sophos可以防止您的Linux系统受到来自您可能正在使用的其他操作系统的恶意软件的影响。 

Sophos没有内置GUI。免费版不提供订阅或技术支持。

即使Linux系统比Windows受到更好的保护，也没有办法 100% 免受恶意威胁。为什么不通过安装至少一个上述免费防病毒程序来保护您的计算机？

The Top 7 Free Antivirus Programs for Linux

Linux systems are known to be more secure than Windows. However, that doesn’t mean they are entirely immune to threats. Malware attacks on Linux systems are increasing. This article will describe seven free antivirus programs for Linux.

Make sure to check out our other articles on the best antivirus options for Mac and the best antivirus options for Android devices. Also, we have articles on how to detect rootkits on Windows and how to detect rootkits on Mac.

1. ClamAV

ClamAV is an open-source antivirus engine used to detect viruses, trojans, malware, and other malicious threats. It can run on a Linux server and Linux desktop.

All actions with this tool use the command line. Features include:

• Supports multiple languages
• Easy-to-use
• Portable
• Scans numerous file formats and mail gateways
• POSIX compliant support
• Provides a virus database update

ClamAV works through the terminal and doesn’t have a native GUI, although you can download your own. It can scan compressed files (supports Rar, Zip, 7Zip, and Tar) and archives.

If you are looking for an automatic file scanner, ClamAV is not for you. It requires you to open the files first. 

Another downside of this program is its slow processing speed and infrequent system updates.

2. ClamTK

ClamTK is not a virus scanner in and of itself. It is a GUI for ClamAV. For those users who don’t like to use a command-line interface, ClamTK provides the same features as ClamAV via an easy to use graphical interface.

The main feature of ClamTK is to be able to use all the advanced features of Clam AV in a simple GUI. Other features include:

• Exclude folders and files with white-list feature
• Schedule scans easily
• Supports folder scanning integration with all major desktop environments
• Can be installed on most popular Linux operating systems
• Configure scan schedules
• Manually scan individual directories and files
• Download definition updates
• Users can securely delete files that have been moved into the quarantine manager
• Quickly access scan logs from history browser

Both ClamTK and ClamAV are available in many mainstream Linux distributions’ software repositories.

3. Comodo Antivirus

Sometimes referred to as CALV, Comodo Antivirus includes an on-demand scanner, real-time behavioral analysis, and spam mail protection and anti-phishing.

Other features of this free antivirus program include:

• Custom scanning profiles
• Regular and automatic updates
• Cloud-based
• Delivers 360-degree protection against zero-day and unknown malware
• Virus definitions are updated many times a day

Comodo Antivirus might be too complicated for those who are not tech-savvy. Be careful and pay attention when installing the free version. By default, Comodo will automatically change your browser and primary search engine.

Comodo also has no web filtering or URL blocking.

For advanced users looking for a feature-rich and highly configurable antivirus program, Comodo is a good choice. Average users might find it too difficult to use.

4. Rootkit Hunter

Rootkit Hunter is a small utility that uses backdoor and other local exploits to detect trojans and viruses.

Other features include:

• Easy-to-use and fast
• Works from the command line
• Portable
• Supports many Linux distributions

Rootkit Hunter detects rootkits by scanning for unrecognized changes in files. To recognize if there has been a change, Rootkit needs to know what the files should look like on a clean system. Therefore, you must install it to get a baseline for future scans.

If you wait until your system is infected, Rootkit Hunter will not be very useful.

5. F-Prot

F-Prot is a free antivirus program for Linux home users to keep their systems free of malware. It scans for ransomware, boot sector viruses, and other malicious threats.

It includes other features such as:

• Compatible with 32 and 64-bit
• Uses GUI or command-line interface
• Portable
• Does not affect system performance
• Scans an enormous database of known threats (over 21 million) and their other variants
• Performs scheduled scanning
• Detects different infection types including boot sectors

F-Prot doesn’t include Internet security tools such as virtual keyboards, browser extensions, or phishing detectors to protect against keyloggers’ efforts. 

However, for those interested in an effective and functional antivirus program, it is a good choice.

6. Chkrootkit

Chkrootkit is a set of tools used to detect the presence of rootkits. It is free and open-source.

Chkrootkit has many other features, such as:

• Available for multiple Linux distributions
• Detects almost all the latest rootkits because the open-source community keeps it up to date
• Fast and easy to use
• Lightweight and portable
• Can be burned to USB or CD
• Runs from terminal
• Efficiently detects altered wtmp and lastlog files to alert administrators about intrusions

Chkrootkit doesn’t release new versions as often as some of the other antivirus programs.

7. Sophos

Sophos anti-virus software detects and eradicates viruses (including Trojans and worms) for a wide range of Linux distributions.

Below are some of the features of Sophos:

• Detects and blocks malware with on-demand, scheduled, or on-access scanning
• Updates are typically under 50KB and have little impact on system performance
• Runs quietly and easy to install
• Can run all commands (except savscan) from the command-line interface as root
• Uses live protection to find malicious files in real-time
• Configure scanning for local and network drives

By detecting and blocking non-Linux viruses that might be stored on your computer, Sophos prevents your Linux system from being affected by malware from other operating systems you might be using. 

Sophos doesn’t come with a built-in GUI. The free version doesn’t give access to subscriptions or technical support.

Even though Linux systems are better protected than Windows, there is no way to be 100% safe from malicious threats. Why not protect your computer by installing at least one of the free antivirus programs above?

Related posts

• 如何在 Linux 中退出冻结的程序

• Linux FIND 命令与示例

• 放弃 Windows 转而使用 Linux 的 5 个重要理由

• HDG 解释：什么是 UNIX？

• 9 款最适合黑客的 Linux 发行版

• 适合 Ubuntu 用户的 10 大最佳 Linux 应用程序

• Ubuntu 崩溃的常见原因以及如何恢复

• 在 GNOME Linux 中显示和隐藏桌面图标

• 初学者的 Ubuntu Linux 指南

• 使用 Linux Live Kit 制作自定义 Live Linux 发行版

• 如何升级到最新的 Ubuntu

• 为什么在 UNIX 和 Linux 中“less”命令比“more”更好

• 您应该使用的 5 个顶级 Linux 发行版

• 在 Ubuntu 中通过命令行在格式之间转换图像

• 在 Ubuntu Linux 中安装 Adob​​e Digital Editions

• 10 个 Ubuntu 键盘快捷键可加快您的工作流程

• 5 款最佳 Linux 游戏

• 9 件有用的事情 Linux 可以做到，而 Windows 不能

• 如何在 Linux 中删除文件或目录

• 使用终端在 Linux 中创建和编辑 Zip 文件