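# ClamAV on CentOS/RHEL: install, configure, update signatures, scan.
# These are command notes to run step by step, not one unattended script:
# one of the scan examples deletes files.

# --- Install ---
sudo yum install -y epel-release
# sudo yum clean all && sudo yum makecache
sudo yum -y install clamav-server clamav-data clamav-update clamav-filesystem \
  clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

# --- SELinux ---
# Let the antivirus domain read files system-wide so scans are not denied.
sudo setsebool -P antivirus_can_scan_system 1
# Allow the bytecode JIT. The output below reports this boolean as
# antivirus_use_jit; presumably the policy maps the older clamd_use_jit name
# to it -- confirm on your release. Leave it off if the JIT is not needed.
sudo setsebool -P clamd_use_jit 1
sudo getsebool -a | grep antivirus
# Result:
#   antivirus_can_scan_system --> on
#   antivirus_use_jit --> on

# --- Configure ClamAV ---
# The shipped configs contain an "Example" line that must be commented out
# before the tools will use them.
sudo sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
sudo sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
# Edit scan.conf (root-owned, hence sudo) and remove the leading '#' from:
#   #LocalSocket /run/clamd.scan/clamd.sock
sudo vim /etc/clamd.d/scan.conf

# --- Update the signature database ---
# Run under sudo like the other steps: freshclam writes to /var/lib/clamav,
# and the original unprivileged run failed with a permission error.
sudo freshclam
# If the update still fails, download the databases manually:
#   https://database.clamav.net/daily.cvd
#   https://database.clamav.net/bytecode.cvd
#   https://database.clamav.net/main.cvd
# CVD files carry a digital signature. Check each download before installing
# it; sigtool should report the signature verification as OK.
sigtool --info daily.cvd
sigtool --info bytecode.cvd
sigtool --info main.cvd
# Then replace the databases at:
#   /var/lib/clamav/daily.cvd
#   /var/lib/clamav/main.cvd
#   /var/lib/clamav/bytecode.cvd
# NOTE(review): keep the ownership and mode the existing files have, so that
# clamd and freshclam can still read and update them.

# --- Start the clamd service ---
# clamscan (used below) loads the databases itself and does not go through
# this daemon.
sudo systemctl start clamd@scan
sudo systemctl enable clamd@scan

# --- Scanning ---
# Scan a single file.
sudo clamscan targetfile

# Recursively scan /home, print only infected files (-i), write a log (-l).
sudo clamscan -r -i /home -l /var/log/clamav.log

# Recursively scan /home, delete infected files, write a log.
# Deletion cannot be undone, so a false positive costs the file; prefer
# --move (below).
sudo clamscan -r -i /home --remove -l /var/log/clamav.log

# Recommended: move infected files to a quarantine directory and log.
# The directory must exist before the scan. /tmp is world-writable, so create
# it root-only; mkdir without -p fails if something is already at that path,
# which exposes a pre-created directory or symlink instead of reusing it.
# A dedicated directory outside /tmp is the safer long-term choice.
sudo mkdir -m 700 /tmp/clamav
sudo clamscan -r -i /home --move=/tmp/clamav -l /var/log/clamav.log

# Scans run for this test.
sudo clamscan -r -i /home/xxx/test_YASDB/release -l /var/log/clamav_release.log
sudo clamscan -r -i /home/xxx/test_YASDB/driver -l /var/log/clamav_driver.log

# --- List detections ---
# NOTE(review): none of the scans above writes clamav-bin.log; point this at
# the log of the scan you ran (e.g. /var/log/clamav_release.log).
grep "FOUND" /var/log/clamav-bin.log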