linux 检查 恶意程序,Linux系统查毒软件ClamAV (在线安装)

# clamscan --help

Clam AntiVirus Scanner0.99.2By The ClamAV Team: http://www.clamav.net/about.html#credits

(C) 2007-2015Cisco Systems, Inc.--help -h Print thishelp screen--version -V Print version number--verbose -v Be verbose--archive-verbose -a Show filenames inside scanned archives--debug Enable libclamav‘s debug messages

--quiet Only output error messages--stdout Write to stdout instead of stderr--no-summary Disable summary at end of scanning--infected -i Only print infected files--suppress-ok-results -o Skip printing OK files--bell Sound bell on virus detection--tempdir=DIRECTORY Create temporary files inDIRECTORY--leave-temps[=yes/no(*)] Do not remove temporary files--database=FILE/DIR -d FILE/DIR Load virus database fromFILE or load

all supported db filesfromDIR--official-db-only[=yes/no(*)] Only load official signatures--log=FILE -l FILE Save scan report to FILE--recursive[=yes/no(*)] -r Scan subdirectories recursively--allmatch[=yes/no(*)] -z Continue scanning within file after finding a match--cross-fs[=yes(*)/no] Scan files and directories on other filesystems--follow-dir-symlinks[=0/1(*)/2] Follow directory symlinks (0 = never, 1 = direct, 2 =always)--follow-file-symlinks[=0/1(*)/2] Follow file symlinks (0 = never, 1 = direct, 2 =always)--file-list=FILE -f FILE Scan files fromFILE--remove[=yes/no(*)] Remove infected files. Be careful!

--move=DIRECTORY Move infected files into DIRECTORY--copy=DIRECTORY Copy infected files into DIRECTORY--exclude=REGEX Don‘t scan file names matching REGEX

--exclude-dir=REGEX Don‘t scan directories matching REGEX

--include=REGEX Only scan file names matching REGEX--include-dir=REGEX Only scan directories matching REGEX--bytecode[=yes(*)/no] Load bytecode fromthe database--bytecode-unsigned[=yes/no(*)] Load unsigned bytecode--bytecode-timeout=N Set bytecode timeout (inmilliseconds)--statistics[=none(*)/bytecode/pcre] Collect and print execution statistics--detect-pua[=yes/no(*)] Detect Possibly Unwanted Applications--exclude-pua=CAT Skip PUA sigs of category CAT--include-pua=CAT Load PUA sigs of category CAT--detect-structured[=yes/no(*)] Detect structured data (SSN, Credit Card)--structured-ssn-format=X SSN format (0=normal,1=stripped,2=both)--structured-ssn-count=N Min SSN count to generate a detect--structured-cc-count=N Min CC count to generate a detect--scan-mail[=yes(*)/no] Scan mail files--phishing-sigs[=yes(*)/no] Signature-based phishing detection--phishing-scan-urls[=yes(*)/no] URL-based phishing detection--heuristic-scan-precedence[=yes/no(*)] Stop scanning as soon as a heuristic match isfound--phishing-ssl[=yes/no(*)] Always block SSL mismatches inURLs (phishing module)--phishing-cloak[=yes/no(*)] Always block cloaked URLs (phishing module)--partition-intersection[=yes/no(*)] Detect partition intersections in raw disk images usingheuristics.--algorithmic-detection[=yes(*)/no] Algorithmic detection--scan-pe[=yes(*)/no] Scan PE files--scan-elf[=yes(*)/no] Scan ELF files--scan-ole2[=yes(*)/no] Scan OLE2 containers--scan-pdf[=yes(*)/no] Scan PDF files--scan-swf[=yes(*)/no] Scan SWF files--scan-html[=yes(*)/no] Scan HTML files--scan-xmldocs[=yes(*)/no] Scan xml-based document files--scan-hwp3[=yes(*)/no] Scan HWP3 files--scan-archive[=yes(*)/no] Scan archive files (supported by libclamav)--detect-broken[=yes/no(*)] Try to detect broken executable files--block-encrypted[=yes/no(*)] Block encrypted archives--block-macros[=yes/no(*)] Block OLE2 files with VBA macros--nocerts Disable authenticode certificate chain verification inPE files--dumpcerts Dump authenticode certificate chain inPE files--max-filesize=#n Files larger than thiswill be skipped and assumed clean--max-scansize=#n The maximum amount of data to scan for each container file (**)--max-files=#n The maximum number of files to scan for each container file (**)--max-recursion=#n Maximum archive recursion level for container file (**)--max-dir-recursion=#n Maximum directory recursion level--max-embeddedpe=#n Maximum size file to check forembedded PE--max-htmlnormalize=#n Maximum size of HTML file to normalize--max-htmlnotags=#n Maximum size of normalized HTML file to scan--max-scriptnormalize=#n Maximum size of script file to normalize--max-ziptypercg=#n Maximum size zip to type reanalyze--max-partitions=#n Maximum number of partitions indisk image to be scanned--max-iconspe=#n Maximum number of icons inPE file to be scanned--max-rechwp3=#n Maximum recursive calls to HWP3 parsing function--pcre-match-limit=#n Maximum calls to the PCRE match function.--pcre-recmatch-limit=#n Maximum recursive calls to the PCRE match function.--pcre-max-filesize=#n Maximum size file to perform PCRE subsig matching.--enable-stats Enable statistical reporting of malware--disable-pe-stats Disable submission of individual PE sections instats submissions--stats-timeout=#n Number of seconds to wait for waiting a response back fromthe stats server--stats-host-id=UUID Set the Host ID used when submitting statistical info.--disable-cache Disable caching and cache checks forhash sums of scanned files.

(*) Default scan settings

(**) Certain files (e.g. documents, archives, etc.) may inturn contain other

files inside. The above options ensure safe processing ofthis kind of data.