个人工具

UbuntuHelp:ClamAV/zh

来自Ubuntu中文

Yiding.he讨论 | 贡献2008年8月11日 (一) 10:07的版本

跳转至: 导航, 搜索

ClamAV 是一个命令行下的病毒扫描工具。它只能扫面病毒,而不能将其从文件中移除。它能够扫面各种平台上的病毒,但由于现实情况,它主要用来扫描 Windows 下的病毒和恶意软件。Ubuntu 下的其他反病毒软件可以在这里找到。


安装 ClamAV

ClamAV 在 Universe 软件源中(如果你没有启用官方软件源,参考 如何添加软件源 )。ClamAV 有两种运行模式,一种是仅当你需要扫描一个文件或者做其他日常使用(如扫描所有收到的邮件)时加载到内存;另一种是连接到总是在运行的守护进程。病毒库的更新也会自动进行。

  • 手动执行方式的安装:安装 clamav 软件包。
  • 自动执行方式的安装:安装 clamav-daemon 软件包。

这两种方式都会安装升级工具 clamav-freshclam。安装完之后程序会向你询问从哪里下载病毒库更新,这是你可以选择离你最近的更新站点。ClamAV 的更新包很小,你可以让它自动进行更新。

使用 ClamAV

How can I...

如何升级病毒库?

执行 freshclam。你将会看到像下面这样的输出:

[email protected]:/etc/clamav # freshclam
ClamAV update process started at Wed Apr 27 00:06:47 2005
main.cvd is up to date (version: 31, sigs: 33079, f-level: 4, builder: tkojm)
daily.cvd is up to date (version: 855, sigs: 714, f-level: 4, builder: ccordes)
代理

如果你使用 http 代理,就需要编辑 /etc/clamav/freshclam.conf 文件,添加或修改如下内容:

HTTPProxyServer [serveraddress]
HTTPProxyPort [portnumber]

如何使用 clamav 扫描病毒?

Use clamscan. Examples:

  • To check files in the all users home directories: clamscan -r /home
  • To check all files on the computer, displaying the name of each file: clamscan -r /
  • To check all files on the computer, but only display infected files and ring a bell when found: clamscan -r --bell -i /

When ClamAV has scanned all the files you asked it to, it will report a summary:

如何使用clamav : 如下:

检查所有用户的主文件夹目录,使用命令:clamscan -r /home

检查计算机所有文件,并显示文件名,使用命令:clamscan -r /
检查计算机所有文件,仅显示受感染的文件,发现时响铃提示,使用命令:clamscan -r --bell -i /

 

----------- SCAN SUMMARY -----------
Known viruses: 33840
Scanned directories: 145
Scanned files: 226
Infected files: 1
Data scanned: 54.22 MB
I/O buffer size: 131072 bytes
Time: 20.831 sec (0 m 20 s)

Image:Information_icon.pngClamAV can only read files that the user running it can read. If you want to check all files on the system, use the sudo command (see UsingSudo for more information).


ClamAV 仅能读取本用户能够读取的文件,如果要检查系统上


所有文件,使用 sudo 命令(查看 UsingSudo,获得更多信息)。

如何在后台运行 ClamAV

Install clamav-daemon. You can then use clamdscan where you would previously have used clamscan. Lots of programs, especially e-mail servers, can connect to a ClamAV daemon. This speeds up virus scanning as the program is always in memory. The clamav-daemon package creates a 'clamav' user; in order to allow ClamAV to scan system files, such as your mail spool, you can add clamav to the group that owns the files.


安装


clamav-daemon,如果你安装了clamdscan,你可以使用clamdscan,大量的程序,特别是电子邮件服务器,可以连接到的ClamAV守护程序。这加快了病毒扫描,因为该程序常驻在内存中。clamav-daemon 程序包创建了一个'的ClamAV '用户,以便让的ClamAV扫描系统文件,如您的邮件后台程序,你可以添加的ClamAV用户到拥有该文件用户组中。

如何查看 clamav-daemon 是否正在运行?

Look for it in the processt list, or use this handy shortcut: ps ax | grep [c]lamd

如何删除被病毒感染的文件?

You can add --remove to the clamscan or clamdscan commandline.
IconWarning3.pngNote: No virus scanner is 100% accurate. It is always best to manually check the files you delete, if you are not totally sure that this is what you want to do.

如何查看 ClamAV 的版本?

Use clamdscan -v:

[email protected]:/etc/clamav # clamdscan -V
ClamAV 0.83/855/Tue Apr 26 06:40:32 2005 

Learn about other options?

Try man clamscan.

如何为 ClamAV 设置自动运行的计划任务?

You can use the at command to schedule clamscan or freshclam. For example:

at 3:30 tomorrow
at>clamscan -i /home/user > mail [email protected]
at> <CTRL-D> 
job 3 at 2005-04-28 03:30

You have now scheduled a ClamAV scan to happen on your home directory at 3:30 AM tomorrow. The output (showing only infected files) will be sent to you by e-mail.