Here is how to add the open source antivirus tool ClamAV to the CentOS machine and configure it automatically run a virus scan on newly uploaded files. ClamAV detects all forms of malware including Trojan horses, viruses, and worms, and it operates on all major file types including Windows, Linux, and Mac files, compressed files, executables, image files, Flash, PDF, and many others. ClamAV’s Freshclam daemon automatically updates its malware signature database at scheduled intervals.

yum -y install clamav clamav-scanner clamav-scanner-systemd clamav-server clamav-server-systemd clamav-update

First edit freshclam.conf and configure your options.

vi /etc/freshclam.conf

Freshclam updates your malware database, so you want it to run frequently to get updated malware signatures. Run it manually post-installation to download your first set of malware signatures:

freshclam

Next, edit scan.conf.

vi /etc/clamd.d/scan.conf

Uncomment this line

LocalSocket /run/clamd.scan/clamd.sock

When you’re finished you must enable the clamd service file and start clamd:

systemctl enable clamd@scan.service
systemctl start clamd@scan.service

Note, the default cron job for ClamAV runs every 3 hours to check for updates.