How to remove virus with ClamAV (Clam Antivirus) on Ubuntu 16.04 LTS
ClamAV is a free and open source, cross-platform antivirus engine. Its features include a multi-threaded scanner daemon, command-line utilities for on-demand file scanning, and automatic signature updates. It was developed for Unix, and third parties have developed versions of ClamAV that work on other operating systems such as Windows, Linux, OS X, BSD and Solaris, CentOS/Redhat.
Today we will learn how to install ClamAV and configure it step by step.
sudo apt-get update
sudo apt-get install clamav clamav-daemon
Now check the ClamAV version installed on the machine.
clamdscan -V
After installing ClamAV, you need to update the ClamAV virus definition database.
sudo freshclam
If you get an error when updating the ClamAV virus definition database, restart your machine once and try again.
Now run a full system scan for the first time.
clamscan -r --bell -i /
Wonderful Job !!!!
Now you can set up a bash script that runs a daily scan of the folders you would like to scan.
#!/bin/bash
LOGFILE="/var/log/clamav/clamav-$(date +'%Y-%m-%d').log"
EMAIL_MSG="File is important for you. Please find attached file."
EMAIL_FROM="[email protected]"   # set to your sender address
EMAIL_TO="[email protected]"     # set to your recipient address
DIRTOSCAN="/var/www /home"

for S in ${DIRTOSCAN}; do
    DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1)
    echo "Starting a daily scan of $S directory. Amount of data to be scanned is $DIRSIZE."
    clamscan -r --bell -i "$S" >> "$LOGFILE"

    # get the value of the "Infected files" line
    MALWARE=$(tail "$LOGFILE" | grep Infected | cut -d" " -f3)

    # if the value is not equal to zero, send an email with the log file attached
    # (an empty value, e.g. when the scan wrote no summary, is treated as 0)
    if [ "${MALWARE:-0}" -ne "0" ]; then
        # using heirloom-mailx below
        echo "$EMAIL_MSG" | mail -a "$LOGFILE" -s "Malware Found" -r "$EMAIL_FROM" "$EMAIL_TO"
    fi
done

exit 0
Now add the script to crontab:
0 0 * * * /bin/bash /home/virus_scan.sh
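The daily script above decides whether to send mail by reading the "Infected files" line near the end of the log. The following is an added example, not part of the original tutorial: it totals that line across every scan summary in a log and lists each detected path with its signature. The function names and the sample log (abridged summaries, made-up paths) are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example: summarise a log written by "clamscan -r -i".
# The sample log is constructed (abridged summaries, made-up paths).

# Sum every "Infected files: N" line, so a log that holds several
# scan summaries (one per scanned directory) is counted in full.
infected_total() {
    awk -F': *' '/^Infected files:/ { n += $2 } END { print n + 0 }' "$1"
}

# Print "path<TAB>signature" for each detection line,
# which clamscan writes as "<path>: <signature> FOUND".
infected_files() {
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        i = match($0, /: [^:]*$/)      # last ": " separates path and signature
        print substr($0, 1, i - 1) "\t" substr($0, i + 2)
    }' "$1"
}

# Return 1 and list the detections when the log reports any infection.
report() {
    total=$(infected_total "$1")
    [ "$total" -eq 0 ] && { echo "No infected files."; return 0; }
    echo "$total infected file(s):"
    infected_files "$1"
    return 1
}

# Constructed sample: two scans appended to the same daily log.
make_sample_log() {
    cat > "$1" <<'EOF'
/var/www/upload/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Scanned files: 120
Infected files: 1

/home/alice/Downloads/test file.txt: Eicar-Test-Signature FOUND
/home/alice/eicar.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Scanned files: 300
Infected files: 2
EOF
}

SAMPLE=$(mktemp)
make_sample_log "$SAMPLE"
report "$SAMPLE" || echo "(non-zero status: this is where the alert mail would be sent)"
```

The tab-separated output of infected_files can be pasted into the alert mail body so the recipient sees the affected paths without opening the attached log.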