This is a better string to find out what's hitting your audit log:
cat /var/log/audit/audit.log* | cut -d ' ' -f26 | sort | uniq -c | sort -n | tail -n 6 | head -n5
Linux doesn't have many great antivirus options available.
Don't get me wrong, there are actually a few options nowadays. We've got the ever-present ClamAV; BitDefender has a good reputation, but I haven't played with it yet; Sophos AV for Linux seems to be in limbo. ESET for Linux exists, as does Symantec Endpoint Protection for Linux …