赞
踩
sudo apt install clamav clamav-daemon -y
安转具体操作查看Reference 1.
sudo clamscan -r --bell --exclude-dir="^/sys" -i /
(Terminal输入的结果显示到文件中,添加如下命令:
sudo clamscan -r --bell --exclude-dir="^/sys" -i / > ./.../clamscan.txt
备注 1:使用命令行选项--exclude-dir="^/sys"
忽略/sys。若扫描/sys文件则很有可能会有如下报错:
- WARNING: Can't open file /sys/module/watchdog/uevent: Permission denied
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- WARNING: Can't open file /sys/module/debug_core/uevent: Permission denied
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- WARNING: Can't open file /sys/module/workqueue/uevent: Permission denied
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- WARNING: Can't open file /sys/module/tpm/uevent: Permission denied
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4092 bytes @ offset 4, got 0
- WARNING: Can't open file /sys/module/sr_mod/uevent: Permission denied
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
- WARNING: Can't open file /sys/module/drm/uevent: Permission denied
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4095 bytes @ offset 1, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4095 bytes @ offset 1, got 0
- LibClamAV Warning: fmap_readpage: pread fail: asked for 4094 bytes @ offset 2, got 0
/sys
是sysfs 虚拟文件系统的挂载点。文件/sys
不是真正的文件,病毒不会感染它们。
sysfs是 Linux 内核提供的虚拟文件系统。通过使用虚拟文件,sysfs 将有关各种内核子系统、硬件设备和相关设备驱动程序的信息从内核的设备模型导出到用户空间。除了提供有关各种设备和内核子系统的信息外,导出的虚拟文件还用于配置。
备注 2:--exclude-dir 排除一些虚目录
$ sudo clamscan -r -o --exclude-dir='^/sys|^/dev|^/mnt|^/home' / -i /home/clamscan.log
$ clamscan -r -o --bell --exclude-dir='^/sys' /home -i /home/clamscan.log
-r递归扫描子目录; -o跳过打印OK的文件名; /home扫描home目录; -l输出日志文件
-----------------------------------
Reference:
1. 如何在 Ubuntu 20.04 LTS 上安装 ClamAV - LinuxCapable
2. 下载网址:ClamAVNet
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。