为了在linux环境下扫描出windows下的病毒***文件,使用clamav工具可以做到.clamav病毒库可以免费升级,但只能查毒不能杀毒。
1、安装clamav
  下载clamav-0.94.2.tar.gz
http://www.sfr-fresh.com/unix/misc/clamav-0.94.2.tar.gz
  tar -zxvf clamav-0.94.2.tar.gz
  cd clamav-0.94.2
  groupadd clamav
  useradd -g clamav -s /bin/false -d /dev/null clamav
  ./configure
  make && make install
2、创建日志目录
  mkdir -p /var/log/clamav
  chown -R clamav.clamav /var/log/clamav
3、修改配置文件clamd.conf:
  vi /usr/local/etc/clamd.conf
  #Example 注释掉Example
  LogFile /var/log/clamav/clamd.log
  LogTime yes
  LogVerbose yes
  PidFile /var/run/clamd.pid
  TemporaryDirectory /var/tmp
  LocalSocket /tmp/clamd.socket
  默认安装病毒库在此目录:
  MaxDirectoryRecursion 15
  User clamav
  ScanMail yes
  ScanArchive yes
  修改配置文件:freshclam.conf
  vi /usr/local/etc/freshclam.conf
  #Example 注释掉Example
  DatabaseDirectory /usr/local/share/clamav
  UpdateLogFile /var/log/freshclam.log
  LogFileMaxSize 10M
  LogTime yes
  LogVerbose yes
  LogSyslog yes
  PidFile /var/run/freshclam.pid
  DatabaseOwner clamav
  DatabaseMirror database.clamav.net
4、启动clamav 、freshclam
编写脚本:vi clamav
  #!/bin/sh
#
# Startup / shutdown script for Clam Antivirus
case "$1" in
start)
/usr/local/sbin/clamd && echo -n 'Clamd started'
/usr/local/bin/freshclam -d -c 2 -l /var/log/freshclam.log
echo -n ' freshclam started'
;;
stop)
/usr/bin/killall clamd > /dev/null 2>&1 && echo -n 'Clamd stoped'
/usr/bin/killall freshclam > /dev/null 2>&1 && echo -n ' freshclam Stoped'
;;
*)
echo ""
echo "Usage: `basename $0` { start | stop }"
echo ""
exit 64
;;
esac
把clamav脚本放在/etc/init.d/clamav
修改访问权限:chmod 755 /etc/init.d/clamav
创建freshclam.log文件:touch /var/log/freshclam.log
chown clamav.clamav /var/log/freshclam.log
touch /var/run/clamd.pid
chown clamav.clamav /var/run/clamd.pid
touch /var/run/freshclam.pid
chown clamav.clamav /var/run/freshclam.pid


5、计划任务定时升级病毒库和定期扫描某个目录:
  #crontab -e
   0 1 * * * freshclam --quiet
   0 6 * * * /usr/local/bin/clamscan --recursive --infected --exclude /usr/local/share/clamav/viruses.db --exclude /usr/local/share/clamav/viruses.db2  /home
6、扫描目录、文件
 clamscan -r /tmp
 clamscan data.tar.gz

http://blog.chinaunix.net/uid-20653538-id-66668.html