Installing ClamAV

If a Linux machine accidentally gets hit by a trojan, reinstalling is the fastest fix, but sometimes you still need to find out where it came from. In that case, install ClamAV and run a scan!

Install ClamAV
yum install -y epel-release
yum install -y clamav clamav-devel clamav-scanner-systemd clamav-update clamav-data clamav-server clamav-server-systemd clamav-scanner
Update the virus signatures
freshclam
Scan the directories that may be affected
For example: /var/www

clamscan -r /var/www
Scan results
The scan output looks like the following. If nothing is reported as infected, congratulations!!
----------- SCAN SUMMARY -----------
Known viruses: 6301816
Engine version: 0.101.4
Scanned directories: 10370
Scanned files: 54594
Infected files: 0
Data scanned: 4102.07 MB
Data read: 5193.95 MB (ratio 0.79:1)
Time: 1100.809 sec (18 m 20 s)
Scan from the root directory and move infected files to another directory
# make a new folder
mkdir -p /opt/clamav

# scan from root folder
clamscan -r -l /var/log/clamav.log --move /opt/clamav /
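
To help trace where an infection came from, the log written by -l /var/log/clamav.log can be triaged with a few shell functions. This is an added example, not part of the original post: the function names and the sample log are constructed, and it assumes the input is the output of a single scan.

```shell
#!/bin/sh
# Added example: triage clamscan output (stdout or the file written by -l).

# Constructed sample of one scan's log; paths and signature names are made up.
sample_log() {
cat <<'EOF'
/var/www/html/index.php: OK
/var/www/html/uploads/img.php: Php.Example.Webshell-1 FOUND
/var/www/html/uploads/note: v2.php: Php.Example.Webshell-1 FOUND
/var/www/html/tmp/.cache.so: Unix.Example.Miner-2 FOUND
----------- SCAN SUMMARY -----------
Scanned files: 4
Infected files: 3
EOF
}

# Print "signature<TAB>path" for every detection. The split is made at the
# last ": " so that paths which themselves contain ": " stay intact.
list_found() {
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        i = match($0, /: [^ ]+$/)
        if (i) print substr($0, i + 2) "\t" substr($0, 1, i - 1)
    }'
}

# Print the "Infected files" number from the summary, or nothing when the
# summary is missing (scan interrupted or log truncated).
summary_infected() {
    awk -F': ' '/^Infected files: / { n = $2 } END { if (n != "") print n }'
}

# Return 0 = clean, 1 = detections, 2 = no summary, so "clean" is unproven.
# These values follow clamscan's own exit codes (0 clean, 1 virus, 2 error).
triage() {
    log=$(cat)
    found=$(printf '%s\n' "$log" | list_found | wc -l | tr -d ' ')
    summary=$(printf '%s\n' "$log" | summary_infected)
    [ -n "$summary" ] || return 2
    [ "$found" -eq 0 ] && return 0
    return 1
}

# Detections per signature, most frequent first, as "count signature".
by_signature() {
    list_found | cut -f1 | sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}
```

Run it against a real log with, for example, by_signature < /var/log/clamav.log; the directories that hold the most detections are the place to start looking for the entry point.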