clrvir - The web virus cleaning utility

What is clrvir? What clrvir is not?

Clrvir is a simple PHP CLI web-virus cleaning script for UNIX and Linux operating systems to be used on shell accounts with infected websites.
Clrvir tries to be an answer for the growing need of a simple way for fixing hacked sites, as the number of them keeps increasing dramatically (f.e. due to newest Wordpress hacks).

Clrvir is not an answer to all of your problems. It will not secure your server, hosting account, nor it will fix vulnerabilities in the web software used. It will only try to clean infected code from the viruses/hacks/trojans it can recognize (as of 2011-09-21 - 5 of them).

Be warned!

At the time of writing this text clrvir remains a highly experimental code; even tho it was massively tested. Use it at your own risk and be aware that I will not take responsibility for any possible damage done to your site. On the other hand I guarantee that clrvir itself does not contain any malicious/dangerous algorithms. clrvir performs file deletion only if it's 100% sure it's targeting an unneccessary, virus file. In any case of being unsure it will change the file extension to something harmless for the system and unusable for ther attacker (.vir.txt).


clrvir - The web virus cleaning utility clrvir - The web virus cleaning utility


Installation and usage

  1. Download recent clrvir .tgz package
  2. Unpack it to some executable path (f.e. ~/bin/ or /usr/local/bin/)
  3. Make sure it has executable permissions or do perform chmod +x if not
  4. Run:
    clrvir.php - to scan within current working directory
    clrvir.php /some/directory/ - to scan within directory provided as first argument


clrvir is an OpenSource project licensed under GNU General Public License v3,


If you find clrvir useful or by any chance it helped you getting back on track - please donate my work so it can evolve. Thank you!

© 2011 Maciej 'Kyeno' Taranienko,