ClamAV antivirus
RHEL/CentOS
On CentOS:
# yum install -y epel-release
# yum install -y clamav
On Community Enterprise Operating System (CentOS) the clamav package requires the Extra Packages for Enterprise Linux (EPEL) repository.
On Red Hat Enterprise Linux (RHEL) the EPEL release package has to be installed either manually or through RHN.
Start the service
service clamd start
Update the virus database
freshclam
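Some common usage examples
1. Scan a directory: clamscan -r /home/oicqzone
2. Write the scan results to a log file: clamscan -r /home/oicqzone -l /tmp/clamav.log
3. Show only the problem files during the scan and sound an alert: clamscan -r --bell -i /home/oicqzone
4. Delete problem files as soon as they are found: clamscan -r --remove /home/oicqzone. Be careful with this one; it is best not to do it, because deleting a system file causes trouble and may crash the system.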
Troubleshooting on Ubuntu
root@02:/usr/share# clamscan -r /root
LibClamAV Error: cli_loaddbdir(): No supported database files found in /var/lib/clamav
ERROR: Can't open file or directory
----------- SCAN SUMMARY -----------
Known viruses: 0
Engine version: 0.99.2
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.002 sec (0 m 0 s)
root@02:/usr/share# clamscan -r /
LibClamAV Error: cli_loaddbdir(): No supported database files found in /var/lib/clamav
ERROR: Can't open file or directory
Scanning fails, and the database cannot be updated either:
root@datacentercrawler01:~# freshclam
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
root@datacentercrawler01:~#
Use the following command to select manual updates and change the update mirror to cn:
sudo dpkg-reconfigure clamav-freshclam
Scan recursively and write a log
clamscan -r / -l /tmp/clam.log
Scanned directories: 33399
Scanned files: 649072
Infected files: 3
Total errors: 16874
Data scanned: 9564.13 MB
Data read: 20149.46 MB (ratio 0.47:1)
Time: 1797.790 sec (29 m 57 s)
Scan, sound the bell, and show only the infected files
clamscan -r --bell -i / -l /tmp/clam.log
How to find the infected files
grep FOUND /tmp/clam.log > 1.txt
/home//maven/lib/aether-impl-1.0.2.v20150114.jar: Java.Malware.Agent-6206104-0 FOUND
/home//maven/lib/plexus-interpolation-1.21.jar: Java.Malware.Agent-6205983-0 FOUND
/home//maven/lib/aether-spi-1.0.2.v20150114.jar: Java.Malware.Agent-6204790-0 FOUND
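
The grep above lists detections, but a scan that loaded no signatures (the "Known viruses: 0" case in the troubleshooting section) also reports "Infected files: 0". The script below is an added example, not part of the original page: it triages a clamscan -l log and checks the signature count before trusting the result. The function names, the sample paths and signatures, and the one-scan-per-log-file assumption are all constructed for illustration.

```sh
#!/bin/sh
# Triage a clamscan log written with -l (assumes one scan per log file).

# Print "signature<TAB>path" for every detection. clamscan logs
# "<path>: <signature> FOUND"; split at the LAST ": " so that paths
# which themselves contain ": " stay intact.
infected_files() {
    awk '/ FOUND$/ {
        line = $0; sub(/ FOUND$/, "", line)
        n = 0; rest = line
        while ((i = index(rest, ": ")) > 0) { n += i + 1; rest = substr(rest, i + 2) }
        if (n > 0) printf "%s\t%s\n", rest, substr(line, 1, n - 2)
    }' "$1"
}

# Exit status: 0 = clean, 1 = detections, 2 = result cannot be trusted.
# A scan that loaded no signatures reports "Infected files: 0", so the
# "Known viruses" line is checked before the detection count.
scan_verdict() {
    sv_known=$(awk -F': *' '/^Known viruses:/ {v = $2} END {print v}' "$1")
    sv_hits=$(infected_files "$1" | awk 'END {print NR}')
    case $sv_known in
        ''|*[!0-9]*) echo "UNTRUSTED: no usable 'Known viruses' line"; return 2 ;;
    esac
    if [ "$sv_known" -eq 0 ]; then
        echo "UNTRUSTED: scan ran with an empty signature database"; return 2
    fi
    if [ "$sv_hits" -gt 0 ]; then
        echo "INFECTED: $sv_hits file(s)"; return 1
    fi
    echo "CLEAN"
}

# Constructed sample logs (not output from a real scan).
write_samples() {
    printf '%s\n' '----------- SCAN SUMMARY -----------' 'Known viruses: 0' \
        'Scanned files: 0' 'Infected files: 0' > "$1/empty-db.log"
    printf '%s\n' '/srv/app/lib/a.jar: Example.Test.Signature-1 FOUND' \
        '/srv/app/notes: old/b.jar: Example.Test.Signature-2 FOUND' \
        '/srv/app/lib/c.jar: OK' \
        '----------- SCAN SUMMARY -----------' 'Known viruses: 6000000' \
        'Scanned files: 3' 'Infected files: 2' > "$1/detections.log"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in "$demo_dir"/*.log; do
    printf '%s: ' "${f##*/}"; scan_verdict "$f" || true
done
```

On a real system, call scan_verdict /tmp/clam.log after the scan and review the infected_files output by hand before deciding what to do with each file.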