Virus Scanning and Removal

Published
March 27, 2023
Category
Incident Response and Forensics
Subcategory
Incident Response Process and Strategy
Tags
Linux
Virus Scanning and Removal
Clamav
Author
KK
Notes
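This article describes how to use ClamAV for virus scanning and removal. It covers two installation methods, yum and building from source, and gives example commands for scanning and for removing infected files.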

Clamav

  • http://www.clamav.net/download.html
  • https://blog.csdn.net/jihaichen/article/details/86756008
Install with yum
yum -y install epel-release
yum -y install clamav clamav-milter
# Update the virus database
freshclam
# Scanning
clamscan -r /etc --max-dir-recursion=5 -l /root/etcclamav.log
clamscan -r /bin --max-dir-recursion=5 -l /root/binclamav.log
clamscan -r /usr --max-dir-recursion=5 -l /root/usrclamav.log
# Scan and remove infected files (--remove deletes them)
clamscan -r --remove /usr/bin/bsd-port
clamscan -r --remove /usr/bin/
clamscan -r --remove /usr/local/zabbix/sbin
# Check the log for detections
grep FOUND /root/usrclamav.log
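
An evidence-preserving alternative to the --remove step, as an added example that is not part of the original post: it parses the FOUND lines of a clamscan -l log, then hashes each detected file and moves it into a quarantine directory instead of deleting it. The function names, the manifest.tsv file and the contents of the sample log are assumptions made for this example.

```shell
# Added example (not from the original post). Paths and signature names in
# the sample log are constructed; the line layout follows `clamscan -l`.
TAB=$(printf '\t')

# write_sample_log ROOT: emit a constructed clamscan log for files under ROOT.
write_sample_log() {
  cat <<EOF
$1/bin/ls: OK
$1/bin/getty: Example.Trojan.Constructed-1 FOUND
$1/tmp/note: draft: Example.Test.Constructed-2 FOUND
$1/tmp/gone: Example.Trojan.Constructed-1 FOUND

----------- SCAN SUMMARY -----------
Scanned files: 4
Infected files: 3
EOF
}

# found_entries LOG: print "signature<TAB>path" for every detection.
# The greedy path match keeps paths that themselves contain ": " intact.
found_entries() {
  sed -n "s/^\(.*\): \([^ ][^ ]*\) FOUND\$/\2${TAB}\1/p" "$1"
}

# count_found LOG: number of detections recorded in the log.
count_found() {
  echo $(( $(found_entries "$1" | wc -l) ))
}

# quarantine_found LOG DIR: record sha256, signature and original path of each
# detected file in DIR/manifest.tsv, then move the file into DIR under its
# hash with all permissions cleared. Vanished files and symlinks are skipped.
quarantine_found() {
  log=$1; qdir=$2
  mkdir -p "$qdir" && chmod 700 "$qdir" || return 1
  found_entries "$log" | while IFS="$TAB" read -r sig path; do
    if [ -f "$path" ] && [ ! -L "$path" ]; then
      sum=$(sha256sum "$path" | cut -d' ' -f1)
      printf '%s\t%s\t%s\n' "$sum" "$sig" "$path" >> "$qdir/manifest.tsv"
      mv -- "$path" "$qdir/$sum" && chmod 000 "$qdir/$sum"
    fi
  done
}
```
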
Or install from source
wget http://nchc.dl.sourceforge.net/project/libpng/zlib/1.2.7/zlib-1.2.7.tar.gz
tar -zxvf zlib-1.2.7.tar.gz
cd zlib-1.2.7
yum install gcc   # install the gcc build environment
CFLAGS="-O3 -fPIC" ./configure --prefix=/usr/local/zlib/
make && make install
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
# Run the next steps from the directory that holds clamav-0.97.6.tar.gz (see the download page above)
tar -zxvf clamav-0.97.6.tar.gz
cd clamav-0.97.6
./configure --prefix=/opt/clamav --disable-clamav --with-zlib=/usr/local/zlib
make && make install