---
title: ClamAV Installation
---

# ClamAV Installation, Update And Scan Guide

ClamAV is an open-source antivirus engine designed to detect trojans, viruses, malware, and other malicious threats. This guide provides a step-by-step method to install, update, and configure ClamAV, along with an automation script.

## **1. Supported Distributions**

This script supports the following Linux distributions:

* Ubuntu / Debian
* CentOS 7
* RHEL / CentOS Stream / Rocky Linux / AlmaLinux
* Fedora

## **2. Features of the Script**

* **Automatic** OS detection
* **Installs** ClamAV and required services
* Configures and enables FreshClam (auto virus database updater)
* **Performs** initial malware scan
* Moves infected files to quarantine
* Saves detailed logs under /var/log/clamav/

## **3. Manual Installation Steps**

* **On Debian / Ubuntu**

  ```bash
  sudo apt update
  sudo apt install -y clamav clamav-daemon
  ```

* **On CentOS 7**

  ```bash
  sudo yum install -y epel-release
  sudo yum install -y clamav clamav-update
  ```

* **On RHEL / Rocky Linux / AlmaLinux / Fedora**

  ```bash
  # Fedora ships ClamAV in its own repositories; skip the epel-release line there
  sudo dnf install -y epel-release
  sudo dnf install -y clamav clamav-update
  ```

## **4. Update Virus Database**

Before scanning, always update the ClamAV virus definitions. Stop the FreshClam service first so that the manual update does not conflict with the running updater:

```bash
sudo systemctl stop clamav-freshclam
sudo freshclam
sudo systemctl start clamav-freshclam
```

## **5. Running a Scan**

**Quick Scan**

```bash
clamscan -r /home
```

**Full System Scan (excluding system directories)**

```bash
# The quarantine and log directories must exist before the scan starts
sudo mkdir -p /var/quarantine /var/log/clamav
sudo clamscan -r -i \
  --exclude-dir="^/sys" \
  --exclude-dir="^/proc" \
  --exclude-dir="^/dev" \
  --move=/var/quarantine \
  --log=/var/log/clamav/scan.log /
```

## **6. Automation Script**

Save the following as clamav-installer.sh

```bash
#!/bin/bash
# ==========================================================
# ClamAV Auto Installer, Updater, and Scanner
# Works on: Ubuntu, Debian, CentOS, RHEL, Rocky, AlmaLinux, Fedora
# ==========================================================

LOGDIR="/var/log/clamav"
SCANLOG="$LOGDIR/initial-scan.log"
QUARANTINE="/var/quarantine"

# Ensure log and quarantine directories exist
sudo mkdir -p "$LOGDIR" "$QUARANTINE"

echo "[+] Detecting OS..."
if [ -f /etc/debian_version ]; then
    echo "[+] Debian/Ubuntu detected"
    sudo apt update
    sudo apt install -y clamav clamav-daemon
elif [ -f /etc/redhat-release ]; then
    if grep -q "CentOS Linux release 7" /etc/redhat-release; then
        echo "[+] CentOS 7 detected"
        sudo yum install -y epel-release
        sudo yum install -y clamav clamav-update
    else
        echo "[+] RHEL / CentOS Stream / Fedora detected"
        # Fedora has no epel-release package; ClamAV is in its own repositories
        if [ ! -f /etc/fedora-release ]; then
            sudo dnf install -y epel-release
        fi
        sudo dnf install -y clamav clamav-update
    fi
else
    echo "[!] Unsupported distribution"
    exit 1
fi

echo "[+] Enabling FreshClam auto-updater..."
sudo systemctl enable clamav-freshclam
sudo systemctl start clamav-freshclam

echo "[+] Updating virus database..."
# Stop the service so the manual update does not conflict with it
sudo systemctl stop clamav-freshclam
sudo freshclam
sudo systemctl start clamav-freshclam

echo "[+] Running initial malware scan..."
sudo clamscan -r -i \
    --exclude-dir="^/sys" \
    --exclude-dir="^/proc" \
    --exclude-dir="^/dev" \
    --move="$QUARANTINE" \
    --log="$SCANLOG" /

echo "[+] Scan complete."
echo "    → Log file: $SCANLOG"
echo "    → Quarantine dir: $QUARANTINE"
```

## **7. Usage Instructions**

* **Save the script:**

  ```bash
  nano clamav-installer.sh
  ```

  (Paste the code above, then save with CTRL+O and exit with CTRL+X.)

* **Make it executable:**

  ```bash
  chmod +x clamav-installer.sh
  ```

* **Run the script:**

  ```bash
  ./clamav-installer.sh
  ```

## **8. Output & Logs**

* **Logs are stored in:**

  ```bash
  /var/log/clamav/initial-scan.log
  ```

* **Infected files are moved to:**

  ```bash
  /var/quarantine
  ```

## **9. Schedule Regular Scans (Optional)**

**Create a cron job for daily scans:**

* **Open the root crontab:**

  ```bash
  sudo crontab -e
  ```

* **Add this line at the bottom:**

  ```bash
  0 2 * * * /usr/bin/clamscan -r -i --exclude-dir="^/sys" --exclude-dir="^/proc" --exclude-dir="^/dev" --move=/var/quarantine --log=/var/log/clamav/daily-scan.log /
  ```

---
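A scheduled scan is only useful if a failed run can be told apart from a clean one, and if detections are pulled out of the log. The wrapper below is an added example, not part of the original script; the `daily_scan` name, the per-run log path and the extra quarantine exclusion are assumptions, and the sample log lines are constructed.

```shell
#!/bin/bash
# Added example: summarize a clamscan run for use from cron.

# clamscan exit codes (man page): 0 = no virus, 1 = virus found, 2 = error.
scan_status() {
    case "$1" in
        0) echo "clean" ;;
        1) echo "infected" ;;
        *) echo "error" ;;
    esac
}

# Print "path|signature" for every "<path>: <signature> FOUND" log line.
# The greedy first group keeps paths that themselves contain ": " intact.
list_detections() {
    sed -n 's/^\(.*\): \(.*\) FOUND$/\1|\2/p' "$1"
}

# usage: summarize <logfile> <clamscan exit code>
summarize() {
    local count
    count=$(list_detections "$1" | wc -l | tr -d ' ')
    echo "status=$(scan_status "$2") detections=$count"
}

# Hypothetical cron entry point. Assumptions: one log per day (--log appends),
# and the quarantine is excluded so moved files are not rescanned.
daily_scan() {
    local log rc=0
    log="/var/log/clamav/daily-scan-$(date +%F).log"
    clamscan -r -i --exclude-dir="^/sys" --exclude-dir="^/proc" \
        --exclude-dir="^/dev" --exclude-dir="^/var/quarantine" \
        --move=/var/quarantine --log="$log" / || rc=$?
    summarize "$log" "$rc"
    [ "$rc" -le 1 ]   # fail the cron job only when the scan itself errored
}

# Constructed sample log (not real scan output) to exercise the parser offline.
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
/home/alice/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/alice/Downloads/eicar.com: moved to '/var/quarantine/eicar.com'
/home/bob/notes: v2/invoice.zip: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
summarize "$SAMPLE_LOG" 1   # prints: status=infected detections=2
```

To use it from cron, save the functions in a script that ends by calling `daily_scan`, and point the crontab entry at that script instead of at `clamscan` directly.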