ClamAV is an open-source anti-virus available on almost all linux distribution. You can easily install it to analyze your website folders to clean them.
Install ClamAV
apt-get install clamav -y
update anti-virus database
To update ClamAV anti-virus database, you can use freshclam :
sudo freshclam
If you see an error message about freshclam process already running, stop the process first and then run again the command freshclam :
sudo /etc/init.d/clamav-freshclam stop
sudo freshclam
sudo /etc/init.d/clamav-freshclam start
ClamAV usage examples
Scan recursively the folder /var/www
sudo clamscan -r /var/www
Scan recursively all folders on your server
sudo clamscan -r /
Scan the root partition excepted system directories
clamscan -r -i --exclude-dir='^/sys|^/proc|^/dev|^/lib|^/bin|^/sbin' /
Scan recursively /var/www and write logs in the file clamav-result.log
sudo clamscan -i --log=/var/log/clamav-result.log -r /var/www
Scan recursively /var/www and move any infected files in /var/infected and list results in clamscan.log
sudo clamscan --max-filesize=512M --max-scansize=3999M --move=/var/infected -r /var/www | grep FOUND >> /var/log/clamav/clamscan.log
Automate anti-virus database update :
Create a file /etc/cron.daily/freshclam with the following content :
#!/bin/sh
/etc/init.d/clamav-freshclam stop > /dev/null 2>&1
/usr/bin/freshclam >> /var/log/results_freshclam.txt 2>&1
/etc/init.d/clamav-freshclam start > /dev/null 2>&1
Change permission to 755 on this file :
sudo chmod 755 /etc/cron.daily/freshclam