Scanning for malware by using ClamAV Scan

Prerequisites

How can I install ClamAV on a Linux server?

ClamAV is a popular open-source antivirus engine available on a multitude of platforms including the majority of Linux distributions. Install and scan it on your Linux server with the following command.

Step 1: Installation

For Ubuntu / Debian

apt-get install clamav clamav-daemon

For CentOS

yum install clamav clamav-daemon

For CentOS Stream / Redhat

dnf --enablerepo=epel -y install clamav clamav-update

Please refer the sample output below:

../../_images/clam1.png

Step 2: Go to /etc folder and edit freshclam.conf file.

vim /etc/freshclam.conf
../../_images/clam2.png

Note

Please edit and comment the 8th line of the freshclam.conf file as mentioned in above screenshot.

Step 2: Update Database

The below command will install the signature database in your machine.

freshclam

Please refer the sample output below:

../../_images/clam3.png

Step 3: Run a Manual Scan

Run the following command to scan your server

For CentOS / CentOS Stream / Redhat / Ubuntu / Debian

clamscan -i -v -r /

The above command will list the infected files.

Note

To Enable logging of the scan report please enter the below commnad to save the report, as output file.

clamscan -i -v -r --log=logfile.txt /

The above command will store the logs to logfile.txt.