系统rhel7.5
clamav-0.100.2.tar.gz 官网下载clamav：http://www.clamav.net
开始安装：
根据自己的系统版本下载相应的epel安装文件

#wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
#wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
安装epel:
rpm -ivh epel-release-latest-7.noarch.rpm
#yum install clamav clamav-server clamav-data clamav-update clamav-filesystem clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
这种方法安装后，病毒库默认地址是/var/lib/clamav
#tar zxvf clamav-0.99.2.tar.gz
#cd clamav-0.99.2
#要带pcre，要不然执行clamscan会报错
#./configure --prefix=/usr/local/clamav --with-pcre
#make
#make install
#cd /usr/local/clamav/etc/
#cp clamd.conf.sample clamd.conf
#cp freshclam.conf.sample freshclam.conf
注释掉clamd.conf和freshclam.conf中的

Example 注释掉这一行. 第8 行

useradd clamav -s /sbin/nologin

mkdir -p /usr/local/clamav/share/clamav

chown clamav:clamav /usr/local/clamav/share/clamav

二、更新病毒库
#cd /usr/local/clamav/share/clamav
#wget http://database.clamav.net/main.cvd
#wget http://database.clamav.net/daily.cvd
#wget http://database.clamav.net/bytecode.cvd

chown clamav:clamav *

clamscan：
用clamscan扫描，不需要开始服务就能使用。速度慢，要带-r，才会递归扫描子目录
#clamscan -r /usr
这个命令不仅会显示找到的病毒，正常的扫描文件也会显示出来。

可以用下面这个命令，只显示找到的病毒信息

clamscan --no-summary -ri /tmp

-r 递归扫描子目录
-i 只显示发现的病毒文件
--no-summary 不显示统计信息
[[email protected] clamav]# clamscan /var/
LibClamAV Warning: **
LibClamAV Warning: The virus database is older than 7 days!
LibClamAV Warning: Please update it as soon as possible.
LibClamAV Warning: **
/var/run: Symbolic link
/var/lock: Symbolic link
/var/mail: Symbolic link
/var/.updated: OK

----------- SCAN SUMMARY -----------
Known viruses: 6668589
Engine version: 0.100.2
Scanned directories: 1
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 10.251 sec (0 m 10 s)

[[email protected] clamav]# clamscan --no-summary -ri /tmp
使用–remove选项，会直接删除检测出来的文件。
clamscan --remove /root

原文地址：http://blog.51cto.com/13810716/2324044