LinuxAVGANTIVIRUSFREE使用介紹

2024-05-08 15:56:03

字體：大中小

來源：轉載

供稿：網友

殺毒軟件AVG，沒有用過估計也有所耳聞。AVG ANTIVIRUS FREE - FOR linux 是AVG在Linux下的一款免費殺毒軟件。它的官方下載地址供了rpm、deb、源碼安裝包等多種安裝方式。下面我下載了RPM安裝包安裝

AVG ANTIVIRUS FREE - FOR LINUX安裝步驟

[root@localhost tmp]# rpm -ivh avg2013flx-r3118-a6926.i386.rpm PReparing...                ########################################### [100%]   1:avg2013flx             ########################################### [100%]Installing 'avgd' service initscripts...Registering 'avgd' service to runlevels...Please do configuration with /opt/avg/av/bin/avgsetupGenerating unique user id/usr/bin/avgdiag: /opt/avg/av/bin/avgdiag: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory/usr/bin/avgdiag: line 17: /opt/avg/av/bin/avgdiag: SuccessStarting AVG AVStarting avgd[FAILED]warning: %post(avg2013flx-r3118-a6926.i386) scriptlet failed, exit status 150

clip_image001

安裝過程遇到上面錯誤，提示安裝avg2013flx-r3118-a6926.i386.rpm需要依賴包glibc-2.12-1.80.el6_3.7.i686

[root@localhost ~]# yum whatprovides ld-linux.so.2Loaded plugins: product-id, rhnplugin, security, subscription-managerThis system is receiving updates from RHN Classic or RHN Satellite.glibc-2.12-1.149.el6.i686 : The GNU libc librariesRepo        : mediaMatched from:Other       : ld-linux.so.2   glibc-2.12-1.107.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.107.el6_4.2.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.107.el6_4.4.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.107.el6_4.5.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.132.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.132.el6_5.1.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.132.el6_5.2.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.132.el6_5.3.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.132.el6_5.4.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.149.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.149.el6_6.4.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.149.el6_6.5.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.149.el6_6.7.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.149.el6_6.9.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.166.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.166.el6_7.1.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.25.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.25.el6_1.3.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.47.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.47.el6_2.12.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.47.el6_2.5.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.47.el6_2.9.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.7.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.7.el6_0.3.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.7.el6_0.4.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.7.el6_0.5.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.80.el6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.80.el6_3.3.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.80.el6_3.4.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.80.el6_3.5.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.80.el6_3.6.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2   glibc-2.12-1.80.el6_3.7.i686 : The GNU libc librariesRepo        : rhel-x86_64-server-6Matched from:Other       : ld-linux.so.2

通過上面命令可以查找到所依賴的安裝包，直接安裝glibc-2.12-1.80.el6_3.7.i686

yum install glibc-2.12-1.80.el6_3.7.i686

如果在某些特殊情況下，安裝過程中有依賴關系，可以通過下面命令 yum install glibc.i686解決。

[root@localhost ~]# yum install glibc.i686Loaded plugins: product-id, rhnplugin, security, subscription-managerThis system is receiving updates from RHN Classic or RHN Satellite.Setting up Install ProcessResolving Dependencies--> Running transaction check---> Package glibc.i686 0:2.12-1.166.el6_7.1 will be installed--> Processing Dependency: glibc-common = 2.12-1.166.el6_7.1 for package: glibc-2.12-1.166.el6_7.1.i686--> Processing Dependency: libfreebl3.so(NSSRAWHASH_3.12.3) for package: glibc-2.12-1.166.el6_7.1.i686--> Processing Dependency: libfreebl3.so for package: glibc-2.12-1.166.el6_7.1.i686--> Running transaction check---> Package glibc-common.x86_64 0:2.12-1.149.el6_6.7 will be updated--> Processing Dependency: glibc-common = 2.12-1.149.el6_6.7 for package: glibc-2.12-1.149.el6_6.7.x86_64---> Package glibc-common.x86_64 0:2.12-1.166.el6_7.1 will be an update---> Package nss-softokn-freebl.i686 0:3.14.3-22.el6_6 will be installed--> Running transaction check---> Package glibc.x86_64 0:2.12-1.149.el6_6.7 will be updated--> Processing Dependency: glibc = 2.12-1.149.el6_6.7 for package: glibc-devel-2.12-1.149.el6_6.7.x86_64--> Processing Dependency: glibc = 2.12-1.149.el6_6.7 for package: glibc-headers-2.12-1.149.el6_6.7.x86_64---> Package glibc.x86_64 0:2.12-1.166.el6_7.1 will be an update--> Running transaction check---> Package glibc-devel.x86_64 0:2.12-1.149.el6_6.7 will be updated---> Package glibc-devel.x86_64 0:2.12-1.166.el6_7.1 will be an update---> Package glibc-headers.x86_64 0:2.12-1.149.el6_6.7 will be updated---> Package glibc-headers.x86_64 0:2.12-1.166.el6_7.1 will be an update--> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================= Package                                            Arch                                   Version                                            Repository                                            Size=========================================================================================================================Installing: glibc                                              i686                                   2.12-1.166.el6_7.1                                 rhel-x86_64-server-6                                 4.3 MInstalling for dependencies: nss-softokn-freebl                                 i686                                   3.14.3-22.el6_6                                    rhel-x86_64-server-6                                 157 kUpdating for dependencies: glibc                                              x86_64                                 2.12-1.166.el6_7.1                                 rhel-x86_64-server-6                                 3.8 M glibc-common                                       x86_64                                 2.12-1.166.el6_7.1                                 rhel-x86_64-server-6                                  14 M glibc-devel                                        x86_64                                 2.12-1.166.el6_7.1                                 rhel-x86_64-server-6                                 985 k glibc-headers                                      x86_64                                 2.12-1.166.el6_7.1                                 rhel-x86_64-server-6                                 614 k Transaction Summary========================================================================================================================Install       2 Package(s)Upgrade       4 Package(s) Total download size: 24 MIs this ok [y/N]: yDownloading Packages:(1/6): glibc-2.12-1.166.el6_7.1.i686.rpm                                                                                                                                          | 4.3 MB     00:06     (2/6): glibc-2.12-1.166.el6_7.1.x86_64.rpm                                                                                                                                        | 3.8 MB     00:03     (3/6): glibc-common-2.12-1.166.el6_7.1.x86_64.rpm                                                                                                                                 |  14 MB     00:13     (4/6): glibc-devel-2.12-1.166.el6_7.1.x86_64.rpm                                                                                                                                  | 985 kB     00:00     (5/6): glibc-headers-2.12-1.166.el6_7.1.x86_64.rpm                                                                                                                                | 614 kB     00:00     (6/6): nss-softokn-freebl-3.14.3-22.el6_6.i686.rpm                                                                                                                                | 157 kB     00:00     -----------------------------------------------------------------------------------------------------------------------Total                                                                                                                                                                    680 kB/s |  24 MB     00:36     Running rpm_check_debugRunning Transaction TestTransaction Test SucceededRunning TransactionWarning: RPMDB altered outside of yum.** Found 3 pre-existing rpmdb problem(s), 'yum check' output follows:2:postfix-2.6.6-6.el6_5.x86_64 has missing requires of libMySQLclient.so.16()(64bit)2:postfix-2.6.6-6.el6_5.x86_64 has missing requires of libmysqlclient.so.16(libmysqlclient_16)(64bit)2:postfix-2.6.6-6.el6_5.x86_64 has missing requires of mysql-libs  Updating   : glibc-2.12-1.166.el6_7.1.x86_64                                                                                                                                                      1/10   Updating   : glibc-common-2.12-1.166.el6_7.1.x86_64                                                                                                                                               2/10   Updating   : glibc-headers-2.12-1.166.el6_7.1.x86_64                                                                                                                                              3/10   Installing : nss-softokn-freebl-3.14.3-22.el6_6.i686                                                                                                                                              4/10   Installing : glibc-2.12-1.166.el6_7.1.i686                                                                                                                                                        5/10   Updating   : glibc-devel-2.12-1.166.el6_7.1.x86_64                                                                                                                                                6/10   Cleanup    : glibc-devel-2.12-1.149.el6_6.7.x86_64                                                                                                                                                7/10   Cleanup    : glibc-headers-2.12-1.149.el6_6.7.x86_64                                                                                                                                              8/10   Cleanup    : glibc-2.12-1.149.el6_6.7.x86_64                                                                                                                                                      9/10   Cleanup    : glibc-common-2.12-1.149.el6_6.7.x86_64                                                                                                                                              10/10 media/productid                                                                                                                                                                   | 1.6 kB     00:00 ...   Verifying  : glibc-common-2.12-1.166.el6_7.1.x86_64                                                                                                                                               1/10   Verifying  : glibc-devel-2.12-1.166.el6_7.1.x86_64                                                                                                                                                2/10   Verifying  : nss-softokn-freebl-3.14.3-22.el6_6.i686                                                                                                                                              3/10   Verifying  : glibc-headers-2.12-1.166.el6_7.1.x86_64                                                                                                                                              4/10   Verifying  : glibc-2.12-1.166.el6_7.1.i686                                                                                                                                                        5/10   Verifying  : glibc-2.12-1.166.el6_7.1.x86_64                                                                                                                                                      6/10   Verifying  : glibc-devel-2.12-1.149.el6_6.7.x86_64                                                                                                                                                7/10   Verifying  : glibc-headers-2.12-1.149.el6_6.7.x86_64                                                                                                                                              8/10   Verifying  : glibc-2.12-1.149.el6_6.7.x86_64                                                                                                                                                      9/10   Verifying  : glibc-common-2.12-1.149.el6_6.7.x86_64                                                                                                                                              10/10  Installed:  glibc.i686 0:2.12-1.166.el6_7.1                                                                                                                                                                         Dependency Installed:  nss-softokn-freebl.i686 0:3.14.3-22.el6_6                                                                                                                                                               Dependency Updated:  glibc.x86_64 0:2.12-1.166.el6_7.1           glibc-common.x86_64 0:2.12-1.166.el6_7.1           glibc-devel.x86_64 0:2.12-1.166.el6_7.1           glibc-headers.x86_64 0:2.12-1.166.el6_7.1           Complete!

先卸載avg2013flx-r3118-a6926.i386包，然后安裝

[root@localhost ~]# rpm -e avg2013flx-r3118-a6926.i386Unregistering 'avgd' service ...Uninstalling 'avgd' service initscripts...[root@localhost ~]#  [root@localhost tmp]# rpm -ivh avg2013flx-r3118-a6926.i386.rpm Preparing...                ########################################### [100%]   1:avg2013flx             ########################################### [100%]Installing 'avgd' service initscripts...Registering 'avgd' service to runlevels...Please do configuration with /opt/avg/av/bin/avgsetupGenerating unique user idProcessing command line ...Cfg file not specified using /opt/avg/av/cfg/diagcfg.xml.New installation ID succesffully generated.Starting AVG AVStarting avgd[  OK  ]

clip_image002

AVG ANTIVIRUS FREE - FOR LINUX幫助信息

幫助文檔位于/opt/avg/av/doc/README，囊括了安裝、使用各方面幫助信息。非常有用。建議使用前先查看相關幫助信息

[root@localhost ~]# cat /opt/avg/av/doc/README

================================

AVG Anti-Virus for Linux/FreeBSD

Version 2013

================================

System requirements

-------------------

AVG Anti-Virus for Linux/FreeBSD requires system with following or

newer library:

- libc.so.6 (Linux)

- libc.so.7 (FreeBSD RELEASE-7.3)

  For RELEASE-8 and CURRENT the compat7x port located in /usr/ports/misc is

  needed.

- libiconv.so.3 (FreeBSD)

- for amd64 architecture the lib32 compat libraries are needed

For on-access scanning feature either redirfs, dazuko or dazukofs is needed.

Please follow the avgoad(1) man page for more detail description.

Minimum hardware requirements:

- CPU: i686 or amd64 on 800 MHz

- Mem: 512 MB, 1GB is recommended

- HDD: 500 MB of free space

Installation

------------

Download latest rpm, deb, sh or tar.gz package from http://www.avg.cz/linux and

follow these steps:

* Installation from RPM (Linux only)

# rpm -i avg2013flx-r{release}-a{vdb version}.{architecture}.rpm

* Installation from .deb (Linux only)

# dpkg -i avg2013flx-r{release}-a{vdb version}.{architecture}.deb

* Installation from sh

# chmod +x avg2013flx-r{release}-a{vdb version}.{architecture}.sh

# ./avg2013flx-r{release}-a{vdb version}.{architecture}.sh

* Installation from .tar.gz

# tar xzvf avg2013{edition}-r{release}-a{vdb version}.{architecture}.tar.gz

# cd avg2013{edition}-r{release}-a{vdb version}.{architecture}

# ./install.sh

where:

- edition substitutes 'flx' for the Linux version and 'ffb' for the FreeBSD version

- release substitutes the build number

- vdb version substitutes virus database version

- architecture substitutes the target cpu architecture

It is recommended to run 'avgsetup' helper tool after the installation.

Running AVG

-----------

For any action to be performed within AVG system, such as updating, scanning,

e-mail server functionality or on-access server functionality, so called AVG

daemons have to be running.

AVG daemons are launched automatically on system boot by init script. Later,

they can be controlled either by init script or by special avgctl command line

tool.

1) Usage of init script on Linux / FreeBSD.

* Linux

# /etc/init.d/avgd  {start|stop|status|restart|condrestart}

* FreeBSD

# /usr/local/etc/rc.d/avgd.sh {start|stop|status|restart|condrestart}

2) Usage of avgctl command line tool

# avgctl --start[=component]      Starts AVG or specified component.

# avgctl --stop[=component]       Stops AVG or specified component.

# avgctl --stat[=component]       Shows statistics of AVG or specified component.

# avgctl --restart[=component]    Restarts AVG or specified component.

# avgctl --reset=component        Resets statistics of specified component.

For more detailed information please refer to the respective man page or avgctl help.

Description

-----------

Avg functions are secured by several daemons that are managed via command-line.

DAEMONS:

   avgd       -- general AVG daemon; starts first, manages other AVG daemons

   avgavid    -- AVI daemon; loads AVI into shared memory

   avgsched   -- scheduler for planning periodic events (update etc.)

   avgtcpd    -- e-mail scanning daemon; supports SMTP, AVG, and Milter protocol

   avgspamd   -- anti-spam daemon

   avgscand   -- anti-virus daemon

   avgupd     -- update daemon

   avgoad     -- on-access daemon

COMMAND-LINES:

   avgctl     -- basic control of AVG product, such as launching, stopping,

                 restarting, and getting statistics from running daemons

   avgcfgctl  -- can get and set configurations values

   avgscan    -- launch on-demand scan of requested path

   avgupdate  -- run virus database update or program update via avgupd with

                 specified parameters

   avgvvctl   -- AVG virus vault control utility

   avgdiag    -- tool for sending problem reports to crash analysis portal

   avgevtlog  -- tool for reading/managing AVG event log

   avgsetup   -- helper tool for basic integration with mail/file server

For more detailed information please refer to the respective man page.

AVG process tree (might look different in your configuration):

/opt/avg/av/bin//avgd

 /--- /opt/avg/av/bin/avgavid

 /--- /opt/avg/av/bin/avgtcpd

 |     /--- /opt/avg/av/bin/avgscand -c 3

 /--- /opt/avg/av/bin/avgspamd

 /--- /opt/avg/av/bin/avgoad

 |     /--- /opt/avg/av/bin/avgscand -c 4

 /--- /opt/avg/av/bin/avgsched

If update is running:

 /--- /opt/avg/av/bin/avgupd

/bin/login --

  /--- -bash

        /--- /opt/avg/av/bin/avgupdate

If on-demand scan is running:

/bin/login --

 /--- -bash

       /--- /opt/avg/av/bin/avgscan /

             /--- /opt/avg/av/bin/avgscand -c 10

Diagnostic and system report

----------------------------

In case of troubles with any AVG Technologies product, gathering of specific

data is being performed by the avgdiag utility.

When sending data manually, it is very important to attach a detailed

description of this particular problem and to specify it with "-d, --dsc=<file>"

switches.  It is also good to make sure that AVG customer support assigns a

specific ID to your report, which eventually facilitates its identification

(this is being defined by "-i, --id=<id>" switches).

Automatic reporting of AVG processes crashes is turned off by default; if you

want to enable this function, please add AVG_DIAG option to your

/opt/avg/av/cfg/dump.ini file.  For example:

"actions = GDB_DUMP CRASH INFO AVG_DIAG"

This configuration ensures that should any AVG process crash, an adequate report

will be immediately sent to AVG Technologies.

For more detailed information please refer to the man page of avgdump, avgdiag

help or /opt/avg/av/doc/README.avgdiag document.

3rd party licenses

------------------

This product may use any of the 3rd party software which appropriate

copyright/license is enclosed in the "licenses" subdirectory.

A copy of Milter source code used in AVG is available upon request.

Copyrights

----------

libtar, Copyright (c) 1998-2003 University of Illinois Board of

Trustees, Copyright (c) 1998-2003 Mark D. Roth, All rights reserved.

MD4 and md5 Message-Digest Algorithm, Copyright (C) 1991-2, RSA Data

Security, Inc. Created 1991. All rights reserved.

AVG ANTIVIRUS FREE - FOR LINUX服務啟動

查看、啟動、停止AVG Antiviruse服務可以通過下面命令操作

/etc/init.d/avgd {start|stop|status|restart|condrestart}

[root@localhost ~]# service avgd status

Checking for service avgd: (pid 15822) is running

AVG ANTIVIRUS FREE - FOR LINUX常用命名

具體命令使用幫助，可以查看幫助文檔。在此略過。

COMMAND-LINES:

   avgctl     -- basic control of AVG product, such as launching, stopping,

                 restarting, and getting statistics from running daemons

   avgcfgctl  -- can get and set configurations values

   avgscan    -- launch on-demand scan of requested path

   avgupdate  -- run virus database update or program update via avgupd with

                 specified parameters

   avgvvctl   -- AVG virus vault control utility

   avgdiag    -- tool for sending problem reports to crash analysis portal

   avgevtlog  -- tool for reading/managing AVG event log

   avgsetup   -- helper tool for basic integration with mail/file server

AVG ANTIVIRUS FREE - FOR LINUX更新命令

avgupdate 可以更新反病毒數據庫和應用程序。

avgupdate -h 查看更新幫助信息

clip_image003

[root@localhost ~]#avgupdate

clip_image004

clip_image005

在測試環境有一次碰到下面錯誤，重啟相關服務后，問題解決。

[root@localhost ~]# avgupdate

AVG command line update

Running update.

Operation failed. The exit code could not be got because the thread or process is still alive.

[root@localhost ~]#

AVG ANTIVIRUS FREE - FOR LINUX掃描殺毒

查看相關幫助信息

[root@localhost ~]# avgscan -hAVG command line Anti-Virus scannerCopyright (c) 2013 AVG Technologies CZ Anti-Virus scanner usage:avgscan [options] [path-list]Options:        -h, --help               Display this help.        -v, --version            Display version.        -d, --debug              Verbose mode. Multiple -d options increase the                                 verbosity. The maximum is 3.        -T, --tui                Use a terminal user interface.        -x, --exclude=<path>     Exclude path from scan. Multiple --exclude can                                 be specified.        -e, --ext=<extension>    Scan files with specified extension. Multiple                                 --ext can be specified. Can't be used with                                  --noext option.        -n, --noext=<extension>  Exclude files with specified extension.                                 Multiple --noext options can be specified.                                 Can't be used with --ext option.        -l, --heal               Automatically heal infected object.        -t, --delete             Automatically delete infected object.        -u, --vv-move            Automatically move infected object into vault.        -U, --vv-backup          Backup infected object if healed by deletion.            --ignerrors          Do not report object scan errors.        -H, --heur               Use heuristics for scanning. By default on.            --no-heur            Disable heuristics for scanning.        -p, --pup                Scan for Potentially Unwanted Programs.                                 By default on.            --no-pup             Disable scanning for PUPs.        -P, --pup2               Scan for enhanced set of Potentially Unwanted                                 Programs.        -c, --coo                Scan cookies.        -i, --hidext             Recognize hidden extensions.        -m, --macrow             Report documents with macros.        -o, --repok              Report also clean files.        -w, --pwdw               Report passWord protected files.        -b, --arcbombsw          Report archive bombs. By default on.            --no-arcbombsw       Do not report archive bombs.        -M, --media              Do not scan through media files.        -j, --paranoid           Enable paranoid mode. Scan for less dangerous                                 malware and more time consuming algoritms.        -r, --report=<filename>  Save scan report to specified file.        -a, --arc                Scan through archives.        -L, --arc-reclevel=N     Maximum recursion level while scanning archives.                                 Default value is 40.        -S, --arc-maxfilesize=N  Maximum file size extracted from archives.                                 Default value is 268435456 B.        -N, --arc-maxfilenum=N   Maximum number of files scanned in archives.                                 Default value is 50000.        -B, --boot-sector        Scan boot sector.        -s, --specfs             Scan special filesystems.        -R, --reclevel=N         Descend at most N (a non-negative integer)                                 levels of directories. Default value is 16384.        -W, --winsysdir          Specifies a comma separated list of windows                                 system directories. Any infected files found                                 in this directory are marked as whitelisted                                 in order to protect these files from being                                 removed/moved to vault.        -F, --filelist=<filename> Scan file paths specified in given file, all                                  other paths on command line will be ignored.        -k, --registryscan       Scan Windows registry.

[root@localhost ~]# avgscan /

AVG command line Anti-Virus scanner

Copyright (c) 2013 AVG Technologies CZ

Virus database version: 4311/10513

Virus database release date: Wed, 26 Aug 2015 07:03:00 -1600

/lib/modules/2.6.32-504.16.2.el6.x86_64/build  Object scan failed; Specified file was not found.

/lib/modules/2.6.32-504.16.2.el6.x86_64/source  Object scan failed; Specified file was not found.

/lib/modules/2.6.32-504.el6.x86_64/build  Object scan failed; Specified file was not found.

/lib/modules/2.6.32-504.el6.x86_64/source  Object scan failed; Specified file was not found.

Files scanned     :  13975(13975)

Infections found  :  0(0)

PUPs found        :  0

Files healed      :  0

Warnings reported :  0

Errors reported   :  4

clip_image006

AVG ANTIVIRUS FREE - FOR LINUX查看記錄

avgevtlog 命令查看查殺、更新記錄

clip_image007

AVG ANTIVIRUS FREE - FOR LINUX查看設置參數

avgcfgctl — can get and set configurations values 設置、獲取配置參數值

[root@localhost ~]# avgcfgctlAVG command line avgcfgctlCopyright (c) 2013 AVG Technologies CZ Default.aspam.spamassassin.address=127.0.0.1Default.aspam.spamassassin.enabled=trueDefault.aspam.spamassassin.port=783Default.aspam.spamfilter=Default.oad.avflt.paths.exclude=Default.oad.avflt.paths.include=Default.oad.avflt.timeout=0Default.oad.darwin.cache.hashtable_size=4096Default.oad.darwin.cache.max_items_number=65536Default.oad.darwin.paths.exclude=|/dev|/proc|/sys|Default.oad.darwin.paths.include=Default.oad.dazuko.cache.hashtable_size=4096Default.oad.dazuko.cache.max_items_number=65536Default.oad.dazuko.events.close=falseDefault.oad.dazuko.events.close_modified=trueDefault.oad.dazuko.events.exec=trueDefault.oad.dazuko.events.open=trueDefault.oad.dazuko.paths.exclude=|/dev|/proc|/sys|Default.oad.dazuko.paths.include=Default.oad.deny_on_error=falseDefault.oad.fanotify.cache.hashtable_size=4096Default.oad.fanotify.cache.max_items_number=65536Default.oad.fanotify.paths.exclude=Default.oad.fanotify.paths.include=Default.oad.timeout=0Default.oad.use=fanotifyDefault.scan.Options.PupExceptions=Default.setup.daemonize=trueDefault.setup.features.antispam=falseDefault.setup.features.oad=trueDefault.setup.features.scheduler=trueDefault.setup.features.tcpd=trueDefault.tcpd.avg.address=127.0.0.1Default.tcpd.avg.enabled=trueDefault.tcpd.avg.limiter_start=220Default.tcpd.avg.limiter_stop=250Default.tcpd.avg.ports=|54322|Default.tcpd.avg.queue_max=20Default.tcpd.avg.read_timeout=0Default.tcpd.avg.request_timeout=0Default.tcpd.avg.samba_plugin_socket=Default.tcpd.avg.samba_plugin_support_enabled=falseDefault.tcpd.avg.socket=Default.tcpd.avg.use_socket=falseDefault.tcpd.milter.enabled=falseDefault.tcpd.milter.socket=Default.tcpd.milter.verbosity=0Default.tcpd.parsing.mime_certification_enabled=falseDefault.tcpd.rules.spam.action=0Default.tcpd.rules.spam.bounce_addr=Default.tcpd.rules.virus.action=0Default.tcpd.rules.virus.bounce_addr=Default.tcpd.scan.header.enabled=trueDefault.tcpd.scan.max_restarts=3Default.tcpd.scan.subj_prefix=[VIRUS]Default.tcpd.scan.time_window=90Default.tcpd.smtp.address=127.0.0.1Default.tcpd.smtp.client_address=127.0.0.1Default.tcpd.smtp.client_port=10025Default.tcpd.smtp.drop_after_crash=falseDefault.tcpd.smtp.enabled=trueDefault.tcpd.smtp.envelope_memory_limit=0Default.tcpd.smtp.limiter_start=220Default.tcpd.smtp.limiter_stop=250Default.tcpd.smtp.ports=|54321|Default.tcpd.smtp.queue_max=20Default.tcpd.smtp.read_buffer=102400Default.tcpd.smtp.read_timeout=0Default.tcpd.smtp.request_timeout=0Default.tcpd.spam.enabled=trueDefault.tcpd.spam.header.enabled=trueDefault.tcpd.spam.subj_prefix=[SPAM]Default.tcpd.threads.max=20Default.tcpd.threshold.spam=1000Default.tcpd.threshold.virus=1000Default.update.Inet.UpdateServerName=|free update server|backup free update server|Default.update.Inet.UpdateServerURL=|+http://guru.avg.com/softw/13free/update/|+http://bguru.avg.cz/softw/13free/update/|Default.update.Inet.disconnect_speed_limit=500Default.update.Inet.disconnect_time_limit=300Default.update.Options.Proxy.AuthenticationType=0Default.update.Options.Proxy.Login=Default.update.Options.Proxy.Mode=0Default.update.Options.Proxy.Password=Default.update.Options.Proxy.Port=3128Default.update.Options.Proxy.Server=Default.update.Options.Proxy.UseLogin=falseDefault.vv.system_location=vaultDefault.vv.user_location=.avg/vaultOad.scan.AutomaticActions.BackupInVault=falseOad.scan.AutomaticActions.Enabled=falseOad.scan.AutomaticActions.PreferedAction=1Oad.scan.Options.ParanoidMode=falseOad.scand.maxscanproc=0Tcpd.scan.DirOptions.Extensions=Tcpd.scan.DirOptions.MaxRecursionDepth=16384Tcpd.scan.DirOptions.ScanAllFiles=trueTcpd.scan.DirOptions.ScanFilesWithoutExtensions=trueTcpd.scan.Options.ArchiveLevel=256Tcpd.scan.Options.DetectCookies=falseTcpd.scan.Options.DetectPup2=falseTcpd.scan.Options.DetectPup=trueTcpd.scan.Options.MaxFileSize=268435456Tcpd.scan.Options.MaxNumberOfFiles=50000Tcpd.scan.Options.MaxRecursionDepth=40Tcpd.scan.Options.ParanoidMode=falseTcpd.scan.Options.ReportArchiveBombs=trueTcpd.scan.Options.ReportHiddenExtensions=falseTcpd.scan.Options.ReportMacros=falseTcpd.scan.Options.ReportPwdProtectedArchs=falseTcpd.scan.Options.ReportPwdProtectedDocs=falseTcpd.scan.Options.ScanMediaFiles=trueTcpd.scan.Options.UseHeuristics=trueTcpd.scan.mail.strip.alldoc=falseTcpd.scan.mail.strip.alldoclist=|DO?|XL?|VBX|RTF|PP?|POT|MDA|MDB|XML|DOC?|DOT?|XLS?|XLT?|XLAM|PPT?|POT?|PPS?|SLD?|PPAM|THMX|PDF|Tcpd.scan.mail.strip.allexe=falseTcpd.scan.mail.strip.allexelist=|COM|DRV|EXE|OV?|PGM|SYS|BIN|CMD|DEV|386|SMM|VXD|DLL|OCX|BOO|SCR|ESL|CLA|CLASS|BAT|VBS|VBE|WSH|HTA|CHM|INI|HTT|INF|JS|JSE|HLP|SHS|PRC|PDB|PIF|php|ASP|LNK|PL|CPL|WMF|Tcpd.scan.mail.strip.enable=falseTcpd.scan.mail.strip.list=Tcpd.scand.maxscanproc=0UpdateProgram.sched.Repeat.BaseTime=INVALIDTIMEUpdateProgram.sched.Repeat.Interval=12UpdateProgram.sched.Repeat.Type=1UpdateProgram.sched.Task.Disabled=trueUpdateProgram.sched.Task.MissedStartAction=1UpdateProgram.sched.Task.StartType=2UpdateProgram.sched.Times.DayOfMonth=1UpdateProgram.sched.Times.DayOfWeek=0UpdateProgram.sched.Times.GracePeriod=300UpdateProgram.sched.Times.SelectedDays=127UpdateProgram.sched.Times.StartTime=2007-06-22/08-00-00UpdateProgram.sched.Update.Path=UpdateProgram.sched.Update.Source=inetUpdateVir.sched.Repeat.BaseTime=INVALIDTIMEUpdateVir.sched.Repeat.Interval=4UpdateVir.sched.Repeat.Type=1UpdateVir.sched.Task.Disabled=falseUpdateVir.sched.Task.MissedStartAction=1UpdateVir.sched.Task.StartType=2UpdateVir.sched.Times.DayOfMonth=1UpdateVir.sched.Times.DayOfWeek=0UpdateVir.sched.Times.GracePeriod=180UpdateVir.sched.Times.SelectedDays=127UpdateVir.sched.Times.StartTime=2007-06-22/17-00-00UpdateVir.sched.Update.Path=UpdateVir.sched.Update.Source=inet

clip_image008

AVG ANTIVIRUS FREE - FOR LINUX 的掃描速率非常之快，消耗的資源也比較少。至于查殺能力如何呢，暫時還沒有看到權威的評測的資料。暫時不能做過多評論。

在上篇文章“記一次Linux服務器上查殺木馬經歷”里面，我介紹了使用ClamAV清理了木馬程序，當時以為清理干凈了，但是過了一天后，使用NetHogs又發現可疑進程。使用ClamAV查殺清理又發現感染了Linux.BackDoor.Gates，查殺完成后，重啟系統后到目前為止沒有發現任何異常情況。后來我在這臺Linux服務器安裝了AVG Anti-Virus，掃描倒是非?？欤菴lamAV的速度要快出幾個等級，但是查殺能力無法驗證。倒是掃出了很多Linux.BackDoor.Gates創建的一些鏈接。ClamAV倒是沒有掃出這些。

clip_image009

[root@LNX17 ~]# ls -lrt /etc/rc.d/rc5.d/S97DbSecurityMdt lrwxrwxrwx. 1 root root 25 Jul 17 08:28 /etc/rc.d/rc5.d/S97DbSecurityMdt -> /etc/init.d/DbSecurityMdt[root@LNX17 ~]# ls -lrt /etc/init.d/DbSecurityMdtls: cannot access /etc/init.d/DbSecurityMdt: No such file or directory[root@LNX17 ~]#

清理這些鏈接后，已經過了幾天，再也沒有發現異常情況，從網絡發包、收包情況看，已經沒有任何異常情況。

rm -f /etc/rc.d/rc5.d/S97DbSecurityMdt rm -f /etc/rc.d/rc5.d/S99selinuxrm -f /etc/rc.d/rc4.d/S97DbSecuritySpt rm -f /etc/rc.d/rc4.d/S97DbSecurityMdt rm -f /etc/rc.d/rc4.d/S99selinux rm -f /etc/rc.d/rc1.d/S97DbSecuritySpt  rm -f /etc/rc.d/rc1.d/S97DbSecurityMdt  rm -f /etc/rc.d/rc1.d/S99selinux  rm -f /etc/rc.d/rc3.d/S97DbSecuritySpt  rm -f /etc/rc.d/rc3.d/S97DbSecurityMdt rm -f /etc/rc.d/rc3.d/S99selinux  rm -f /etc/rc.d/rc2.d/S97DbSecuritySpt  rm -f /etc/rc.d/rc2.d/S97DbSecurityMdt rm -f /etc/rc.d/rc2.d/S99selinux 