登陆http://packages.sw.be/clamav/ 下载最新的RHEL5 and CentOS-5 x86 64bit的rpm包
1.[root@redhat92 home]# wget http://packages.sw.be/clamav/clamav-db-0.95.1-4.el5.rf.x86_64.rpm
2.[root@redhat92 home]# wget http://packages.sw.be/clamav/clamav-db-0.97.6-1.el5.rf.x86_64.rpm
3.[root@redhat92 home]# wget http://packages.sw.be/clamav/clamd-0.97.6-1.el5.rf.x86_64.rpm
4.[root@redhat92 home]# rpm -ivh clamav-db-0.97.6-1.el5.rf.x86_64.rpm
warning: clamav-db-0.97.6-1.el5.rf.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:clamav-db ########################################### [100%]
[root@redhat92 home]#
5.[root@redhat92 home]# rpm -ivh clamav-0.97.6-1.el5.rf.x86_64.rpm
warning: clamav-0.97.6-1.el5.rf.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:clamav ########################################### [100%]
[root@redhat92 home]#
6.[root@redhat92 home]# rpm -ivh clamd-0.97.6-1.el5.rf.x86_64.rpm
warning: clamd-0.97.6-1.el5.rf.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:clamd ########################################### [100%]
[root@redhat92 home]#
7.启动ClamAV及freshclam
[root@redhat92 home]# service clamd start
Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
8.启动更新:
[root@redhat92 home]# freshclam
9.查杀病毒
示例
(0) 扫描指定的文件:
clamscan file
(1) 扫描当前目录:
clamscan
(2) 扫描/home目录中所有文件 (包括子目录):
clamscan -r /home
clamscan -r / (扫描/的所有目录以及其子目录)
(3) Load database from selected file and limit disk usage to 50 Mb:
clamscan -d /tmp/newclamdb --max-space=50m -r /tmp
(4) 扫描数据流:
cat testfile | clamscan -
(5) 检查邮件目录:
clamscan -r --mbox /var/spool/mail
其他差数
-l [路径] [文件名] 增加扫描报告
# clamscan -l /var/log/clamscan.log /
--move [路径] 移动病毒文件至..
--remove [路径] 删除病毒文件
--unzip(unrar) 解压压缩文件扫描
返回值
0 : 无病毒
1 : 发现病毒
40: 已经通过的未知选项
50: 数据库初始化错误
52: 不支持的文件格式
53: 无法打开目录
54: 不能打开文件(ofm)
55: 读文件错误(ofm)
56: Can't stat input file / directory.
57: Can't get absolute path name of current working directory.
58: I/O 错误, 请检查文件系统
59: 无法在/etc/passwd获得当前用户的信息
60: 无法在/etc/passwd获得'clamav'(默认名)用户的信息
61: Can't fork.
63: 不能创建临时文件/目录(检查权限).
64: 无法对临时目录进行写操作 (请指定另一个目录).
70: 无法分配或释放内存 (calloc).
71: 无法分配内存 (malloc).
将freshclam增加到自启动
[root@redhat92 home]# freshclam --daemon
输入如下命令,即可使freshclam一开机就实现自启动
[root@redhat92 home]# echo "/usr/bin/freshclam --daemon" >> /etc/rc.d/rc.local
相关的文件
/usr/bin目录下
clamconf clamdscan clamdtop clamscan freshclam
/etc/freshclam.conf
/etc/cron.daily/freshclam
/etc/logrotate.d/freshclam
下面是rpm包做的服务配置文件,路径为/etc/init.d/clamd
#!/bin/sh
#
# Startup script for the Clam AntiVirus Daemon
#
# chkconfig: 2345 61 39
# description: Clam AntiVirus Daemon is a TCP/IP or socket protocol \
# server.
# processname: clamd
# pidfile: /var/run/clamav/clamd.pid
# config: /etc/clamav.conf
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
[ -x /usr/sbin/clamd ] || exit 0
# See how we were called.
case "$1" in
start)
echo -n "Starting Clam AntiVirus Daemon: "
daemon clamd
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/clamd
;;
stop)
echo -n "Stopping Clam AntiVirus Daemon: "
killproc clamd
rm -f /var/clamav/clamd.socket
rm -f /var/run/clamav/clamav.pid
RETVAL=$?
echo
### heres the fix... we gotta remove the stale files on restart
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/clamd
;;
status)
status clamd
RETVAL=$?
;;
restart|reload)
$0 stop
$0 start
RETVAL=$?
;;
condrestart)
[ -e /var/lock/subsys/clamd ] && restart
RETVAL=$?
;;
*)
echo "Usage: clamd {start|stop|status|restart|reload|condrestart}"
exit 1
esac