Scan your Linux system with Clam AntiVirus/ClamAV.Installation Guide

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates.

Please follow the below steps to install and configure ClamAV in your system.

Install the Atomic repository in your system.

wget -q -O - | sh

Install ClamAV using yum.

yum install clamd

It will install clamd, clamav and clamav-db in your system. Run the below command to update the virus definitions.


Start the ClamAV.

/etc/init.d/clamd start

Now open a new screen session and scan the whole system by running the below command.

clamscan -ril /opt/clamscan.log /

( Please note that, this will take hours to complete depending on the disk usage in your system and that is the reason why we are running it in a screen session. )

You can detach and enter to screen session any time and check the status frequently.

You will get the scan result at the end and the command will only list the infected files. You can find the files in “/opt/clamscan.log”. ( grep the word FOUND ) You may either manually remove or correct these files or else run the below command that will permanently remove all infected files in your system ( Make sure to run in screen session )

clamscan -ril /opt/clamscan.log --remove /

That’s it!! :) You have removed the virus and malicious codes from your system.

Was this answer helpful?

 Print this Article

Also Read

Is my server hacked? Lets check it with rootkit hunter

RookHit Hunter is a command-line utility that will search your machine for...

How to Secure WHM/cPanel

Login to WHM using root username/passwdhttp://serverip:2086 or http://serverip/whm WHM –...

How to prevent DDoS attack with csf?

First make sure DDOS attack is not from open recursive DNS settings. To check and fix that issue...

How to Prevent Symlink Attacks

ad Impact of Symlink - Suppose you own a small hosting company with a Linux Box, & 1337...

Installing Rkhunter (Rootkit Hunter) in RHEL, CentOS and Fedora

Rkhunter (Rootkit Hunter) is an open source Unix/Linux based scanner tool for Linux systems...