So update on my part. I'm just overly paranoid, as I'm the most tech savvy. Most of my family do got to those shady sites and try to enter those popups and texts saying that, they won a new phone or something. so yeah, I've had to deal with get viruses, malware, and trojans every few weeks along with mine occasionally getting mine because of it. So in my defense, yeah I am paranoid but for a good reason. as of February of this year I have I've kicked them off my internet. as for them they are using a mobile hotspot.

I am planning on just using the steam store, mabie also installing VLC, origin, gog, and rockstar. since I do have some games on them, and may want to watch movies on my deck.

Nowadays AV programs CAN harm you operating system (they dig so deep into your kernel you dont even want to know ;) )more as most viruses

I'd also 4th? the recommendation for ClamAV if you are going to install anything. I'm surprised at the amount of people in here essentially suggesting that because "Linux" you won't get viruses without offering any suggestion for the OP's question. Linux isn't immune to viruses, malware, nor exploits. You can follow some Linux security community sites that publish known CVEs for linux, some of which will also sort them by affected Distribution such as Linuxsecurity.

https://linuxsecurity.com/advisories/archlinux

@OP There is a re-packaged flatpak version of ClamAV called ClamTk which you should be able to use on SteamOS desktop mode. It's a flatpak so it will not have all of the same functionality as the typical ClamAV installation, such as the "on-access" mode won't work because it requires ClamAV to have root level privileges. But you can at least still use it to scan specific files within your user space, which on Steam Deck. should be fairly sufficient if you aren't doing anything more advanced that requires you unlocking the immutable filesystem.

Here is the link to its flathub page, I'm not sure if its also in Discover because I don't have my Steam Deck yet. If it's on Discover I'd install it from there.

https://flathub.org/apps/details/com.gitlab.davem.ClamTk

OP didn't ask for a beating about AV usage, they asked if there is an AV they can use. I am chiefly writing this reply for any future curious visitor who finds this via a search engine.

Note to technical viewers: I recommend you look away now as I'm not talking to you.

Below I will commit atrocities such as calling Linux an "Operating System" when clearly it's a kernel, totally avoid addressing the importance of human behavior, summarize an entire cyber security discipline as merely a HIDS which we all know it isn't, and countless others.

I'm aware of my sins, I committed them intentionally in order to get on the level of newbies reading this. I'm sure newbies don't know or care the difference between a kernel, GNU core utilities, and an Operating system. They don't care about the disciplines of logging, monitoring, and alerting. Seriously, they just don't care so please don't confuse the people I'm targeting by arguing about these points that don't matter.

No, there is currently no AV for the Steam Deck


Engineer with nearly 25 years of Linux experience [primarily as a hobbyist, but professional experience as well]
Who still manages to be a human being that is capable of making mistakes *shrugs*


Many points have already been made so I won't repeat. What I will do, however, is give a summary, dispel myths, and offer helpful facts.


Summary: Linux is a hardened operating system which relies on many layers of mechanisms that control security. These mechanisms extend far beyond the scope of a simple antivirus. The Steam Deck takes this even further with its immutable OS design and forced containerization.


Tip: AVs significantly impact available resources, so using one is not recommended on the Steam Deck. It would likely be an unsupported configuration by Valve's measure because it would reduce gaming performance resulting in a higher volume of support tickets.


Myth: The Steam Deck will never get viruses
Fact: Let's all hope the success of the Steam Deck is so great that this is a problem Valve has to address. That said I have complete confidence in Valve's willingness and capability to address this expeditiously if we do reach this point.


Myth: Linux can't detect viruses
Fact: Linux hosts typically use a HIDS (Host Intrusion Detection System) in place of an AV. Tools like this are very advanced and are far more capable than dumb pattern matching AVs. They can catch hacking/intrusions of any kind irrespective of the source. That said, they require a skilled user or team of people to use.


Myth: ClamAV is an AV for Steam Deck
Fact: ClamAV is a utility for scanning files to find viruses chiefly intended for _other_ operating systems - though some Linux virus detections may exist. That really doesn't matter though, what does matter is that ClamAV does not perform real-time scanning. Real-time scanning what you're after.


Myth: Oh no, I got a virus! Now I have to have a professional fix it for me
Fact: The Steam Deck can be easily and quickly wiped back to factory settings by you. This will clean any virus, and will require minimal setup to get going again. Note that this is a very different process from Windows and MacOS.


Myth: Steam Deck runs Linux, so it's protected from viruses
Fact1: Many browser-based viruses that are targeted at Chromebook users and rely on browser extensions. These are not only possible, but something that exists and you should be careful to avoid.
Fact2: Valve's engineering marvel Proton is essentially a copy of Windows running on your Steam Deck. You can bet that this also means a virus made for Windows could deliver its payload within a Proton environment.


Luckily, the architecture Valve has created is one of a kind and even more secure than off the shelf Linux, but not quite as dogmatic as the Chromebook. This is a good thing - if Valve made a Chromebook I'd be highly disappointed because it wouldn't be possible to do things like install Discord or a other computer-y things. The Steam Deck architecture forces containerization, so in theory it would be very difficult for a virus to cause a system-wide effect.

This is because from the perspective of each program being ran, the program thinks it's in its own computer and can't even see the other games and files on your system. This means a virus would have to infect the container, identify it's in a container, break out of it, escalate privileges, and carry out a system-level payload. This is a very tall order that I've yet to see an example of a virus doing - but humans certainly have.

In the event an application or game gets infected it could likely be cleaned up by simply uninstalling/reinstalling the particular game or application. This would in turn delete and remake the container from scratch with all things in it - virus and payload alike. This feature of the Steam Deck's design makes a virus' job extraordinarily more difficult.

I would be equally concerned about the Steam Deck getting a virus as say a game console or smart TV neither of which have AVs.

The anti virus is EASY, set up a 256 Random generated Sudo password which regenerates after every reboots or every 15 minutes. Then you will never have virus.

On the other Side, I'm gonna say that if you ever Play a Pirated game on the Steam deck, lets say you downloaded Skyrim and there is a virus inside of skyrim, WELL surely enought this virus will only be able to live INSIDE the Skyrim Proton Container, which theorycly if you CANNOT RUN skyrim as SUDO, then Skyrim cannot Escape its own container UNLESS you use Priviledge escalations methods on Windows which you cannot use since its a Linux system. Even then EVEN if you have a virus, you could simply shut it down whenever by closing skyrim.

If you would be to run that container as Sudo, or have no sudo password at all then yes some Exploits existe , Such as dirtycow but those would have to be run inside a Linux environement not a Windows environement. Right?, unless the Virus would be Multi OS/Translation Layer aware & compatible, Which i dont think i've ever seen.


They yes its Theoricly possible to catch virus on SteamOS whitout using root or sudo.

As many people have said, you don't really need AV on Linux. It's not 100% safe though, and as the Linux market share grows so will the desire for people to make viruses that target it. On my work PC since I have to follow some HIPAA requirements, I must have an AV installed, and I use ClamAV.