ClamAV 杀毒是Linux平台最受欢迎的杀毒软件，ClamAV属于免费开源产品，支持多种平台，如：Linux/Unix、MAC OS X、Windows、OpenVMS。ClamAV是基于病毒扫描的命令行工具，但同时也有支持图形界面的ClamTK工具。ClamAV主要用于邮件服务器扫描邮件。它有多种接口从邮件服务器扫描邮件，支持文件格式有如：ZIP、RAR、TAR、GZIP、BZIP2、HTML、DOC、PDF,、SIS CHM、RTF等等。ClamAV有自动的数据库更新器，还可以从共享库中运行。

// 以下为源码包安装步骤
groupadd clamav
useradd -g clamav -s /bin/false -c "Clam Antivirus" clamav

# yum -y groupinstall "Development Tools"
# yum -y install openssl openssl-devel libcurl-devel zlib-devel libpng-devel libxml2-devel json-c-devel bzip2-devel pcre2-devel ncurses-devel

# tar xf clamav-0.101.4.tar.gz
# cd clamav-0.101.4

# ./configure --prefix=/hadoop/software/clamav --disable-clamav --disable-clamav --with-systemdsystemunitdir=no

# make && make install

//cp示例配置
cp /hadoop/software/clamav/etc/freshclam.conf.sample
/hadoop/software/clamav/etc/freshclam.conf
cp /hadoop/software/clamav/etc/clamd.conf.sample /hadoop/software/clamav/etc/clamd.conf

# 创建 log 目录
mkdir -p /hadoop/software/clamav/logs
touch /hadoop/software/clamav/logs/clamd.log
touch /hadoop/software/clamav/logs/freshclam.log
touch /hadoop/software/clamav/logs/clamscan.log

# 创建 病毒 更新
mkdir -p /hadoop/software/clamav/updata
chown -R root:clamav /hadoop/software/clamav/
chown -R clamav:clamav /hadoop/software/clamav/updata/
chown -R clamav:clamav /hadoop/software/clamav/logs/clamd.log
chown -R clamav:clamav /hadoop/software/clamav/logs/freshclam.log
chown -R clamav:clamav /hadoop/software/clamav/logs/clamscan.log

// 配置编辑
# vim /hadoop/software/clamav/etc/clamd.conf

# Example    // 注释掉这一行，编辑如下3行
LogFile /hadoop/software/clamav/logs/clamd.log
PidFile /hadoop/software/clamav/updata/clamd.pid
DatabaseDirectory /hadoop/software/clamav/updata

# vim /hadoop/software/clamav/etc/freshclam.conf
#Example    // 注释掉这一行，编辑如下3行
DatabaseDirectory /hadoop/software/clamav/updata
UpdateLogFile /hadoop/software/clamav/logs/freshclam.log
PidFile /var/run/freshclam.pid

//使用示例
/hadoop/software/clamav/bin/freshclam	// 更新病毒库
/hadoop/software/clamav/bin/clamscan --remove	// 查杀当前目录并删除感染的文件

// 对 / 进行杀毒并保存log
/hadoop/software/clamav/bin/clamscan --exclude-dir="^/sys" --infected -r / --remove -l /hadoop/software/clamav/logs/clamscan.log

 

----------- SCAN SUMMARY -----------
Known viruses: 8939128    #已知病毒
Engine version: 0.103.0   #引擎版本
Scanned directories: 134   #扫描目录数
Scanned files: 345         #扫描文件数
Infected files: 0            #受感染文件  
Data scanned: 39.09 MB     #扫描数据大小
Data read: 289.37 MB (ratio 3.84:1)   #数据读取
Time: 1263.709 sec           #花费时长
Start Date: 2020:11:10 13:36:45
End Date:   2020:11:10 13:37:48