admin管理员组文章数量:1585014
安装:通过执行sudo install命令从 APT 存储库安装 ClamAV
sudo apt install clamav clamav-daemon -y安转具体操作查看Reference 1.
ClamAV使用
sudo clamscan -r --bell --exclude-dir="^/sys" -i /(Terminal输入的结果显示到文件中,添加如下命令:
sudo clamscan -r --bell --exclude-dir="^/sys" -i / > ./.../clamscan.txt备注 1:使用命令行选项--exclude-dir="^/sys"忽略/sys。若扫描/sys文件则很有可能会有如下报错:
WARNING: Can't open file /sys/module/watchdog/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
WARNING: Can't open file /sys/module/debug_core/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
WARNING: Can't open file /sys/module/workqueue/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
WARNING: Can't open file /sys/module/tpm/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4092 bytes @ offset 4, got 0
WARNING: Can't open file /sys/module/sr_mod/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
WARNING: Can't open file /sys/module/drm/uevent: Permission denied
LibClamAV Warning: fmap_readpage: pread fail: asked for 4095 bytes @ offset 1, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4095 bytes @ offset 1, got 0
LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
/sys是sysfs 虚拟文件系统的挂载点。文件/sys不是真正的文件,病毒不会感染它们。
sysfs是 Linux 内核提供的虚拟文件系统。通过使用虚拟文件,sysfs 将有关各种内核子系统、硬件设备和相关设备驱动程序的信息从内核的设备模型导出到用户空间。除了提供有关各种设备和内核子系统的信息外,导出的虚拟文件还用于配置。
备注 2:--exclude-dir 排除一些虚目录
$ sudo clamscan -r -o --exclude-dir='^/sys|^/dev|^/mnt|^/home' / -i /home/clamscan.log
命令介绍:
$ clamscan -r -o --bell --exclude-dir='^/sys' /home -i /home/clamscan.log
-r递归扫描子目录; -o跳过打印OK的文件名; /home扫描home目录; -l输出日志文件
- (1)扫描所有用户的主目录,如:clamscan -r /home
- (2)扫描计算机上的所有文件并且显示所有的文件的扫描结果,如:clamscan -r /
- (3)扫描计算机上的所有文件并且显示有问题的文件的扫描结果,如:clamscan -r --bell -i /
- (4)扫描计算机上的某个目录下文件并将扫描结果写入指定文件中,如:clamscan -r /home --max-dir-recursion=5 -l /root/homeclamav.log
- (5)扫描计算机上的某个目录下文件并将移除感染文件,如:clamscan -r --remove /usr/bin/bsd-port
-----------------------------------
Reference:
1. 如何在 Ubuntu 20.04 LTS 上安装 ClamAV - LinuxCapable
2. 下载网址:ClamAVNet
版权声明:本文标题:Ubuntu 系统安装和使用杀毒软件ClamAV 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://www.elefans.com/xitong/1727957953a1139564.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论