Basic ClamAV installation on CentOS 7 and CentOS 6

ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. ClamAV includes a multi-threaded scanner daemon, command line utilities for on demand file scanning and automatic signature updates.

It is one of the most popular virus scanner that run on CentOS and RedHat and here is very simple quick installation steps.

 

CentOS 7 Installation

1. ClamAV can easily be installed on CentOS 7.x or RHEL 7.x system to use Fedora EPEL repo. Here is how to add them to you CentOS 7

# wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
# rpm -ivh epel-release-7-5.noarch.rpm

2. Install ClamAV and all prerequisites

# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

3. Now lets remove Example lines from configuration files.

#sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

#sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

4. Run ClamAV updates

# freshclam

6. Run your scan.

#clamscan --infected --remove --recursive /home

7. For testing purposes you can upload test virus and make sure it is detected.

#curl -O http://www.eicar.org/download/eicar.com
clamscan --infected --remove --recursive

CentOS 6 Installation

1. Install EPEL repo for CentOS 6

#wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
#rpm -Uvh epel-release-6*.rpm

2. Install ClamAV

#yum install clamav clamd

3. Start ClamV services and make sure they set to auto start

#clamd on
#chkconfig clamd on
#clamd start

Below is example of how to run scan against home directory and moving infected files to /usr/local/virusBAD/

#clamscan -ir /home -l /var/log/clamscan.log --move=/usr/local/virusBAD/