当前位置:   article > 正文

Ubuntu 系统安装和使用杀毒软件ClamAV_ubuntu clamav

ubuntu clamav

安装:通过执行sudo install命令从 APT 存储库安装 ClamAV

sudo apt install clamav clamav-daemon -y

安转具体操作查看Reference 1.

ClamAV使用

​​​​​​​sudo clamscan -r --bell  --exclude-dir="^/sys" -i /

(Terminal输入的结果显示到文件中,添加如下命令:

​​​​​​​sudo clamscan -r --bell  --exclude-dir="^/sys" -i / > ./.../clamscan.txt

备注 1:使用命令行选项--exclude-dir="^/sys"忽略/sys。若扫描/sys文件则很有可能会有如下报错:

  1. WARNING: Can't open file /sys/module/watchdog/uevent: Permission denied
  2. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  3. WARNING: Can't open file /sys/module/debug_core/uevent: Permission denied
  4. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  5. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  6. WARNING: Can't open file /sys/module/workqueue/uevent: Permission denied
  7. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  8. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  9. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  10. WARNING: Can't open file /sys/module/tpm/uevent: Permission denied
  11. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  12. LibClamAV Warning: fmap_readpage: pread fail: asked for 4092 bytes @ offset 4, got 0
  13. WARNING: Can't open file /sys/module/sr_mod/uevent: Permission denied
  14. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  15. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
  16. WARNING: Can't open file /sys/module/drm/uevent: Permission denied
  17. LibClamAV Warning: fmap_readpage: pread fail: asked for 4095 bytes @ offset 1, got 0
  18. LibClamAV Warning: fmap_readpage: pread fail: asked for 4095 bytes @ offset 1, got 0
  19. LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0

/syssysfs 虚拟文件系统的挂载点。文件/sys不是真正的文件,病毒不会感染它们。

sysfsLinux 内核提供的虚拟文件系统。通过使用虚拟文件,sysfs 将有关各种内核子系统、硬件设备和相关设备驱动程序的信息从内核的设备模型导出到用户空间。除了提供有关各种设备和内核子系统的信息外,导出的虚拟文件还用于配置。

备注 2:--exclude-dir 排除一些虚目录
$ sudo clamscan -r -o --exclude-dir='^/sys|^/dev|^/mnt|^/home' / -i /home/clamscan.log

命令介绍:

$ clamscan -r -o --bell --exclude-dir='^/sys' /home -i /home/clamscan.log

-r递归扫描子目录; -o跳过打印OK的文件名; /home扫描home目录; -l输出日志文件

  • (1)扫描所有用户的主目录,如:clamscan -r /home
  • (2)扫描计算机上的所有文件并且显示所有的文件的扫描结果,如:clamscan -r /
  • (3)扫描计算机上的所有文件并且显示有问题的文件的扫描结果,如:clamscan -r --bell -i /
  • (4)扫描计算机上的某个目录下文件并将扫描结果写入指定文件中,如:clamscan -r /home --max-dir-recursion=5 -l /root/homeclamav.log
  • (5)扫描计算机上的某个目录下文件并将移除感染文件,如:clamscan -r --remove /usr/bin/bsd-port

-----------------------------------

Reference:

1. 如何在 Ubuntu 20.04 LTS 上安装 ClamAV - LinuxCapable

2. 下载网址:ClamAVNet

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/煮酒与君饮/article/detail/803572
推荐阅读
相关标签
  

闽ICP备14008679号