Security :: Computer Is INFECTED According To ClamAV?

Apr 11, 2010

I recently ran a virus scan on my CentOS server using ClamAV's "clamscan" command to scan my entire system for virus. After the scan was complete it says that I have 1 infected file on my computer. I COMPLETELY FREAKED OUT! Is there some kind of log that I should read to see where the infected files are? Also does ClamAV just scan your system for virus or does it scan and remove the virus on the computer.If you know of an alternative open source security software,

View 3 Replies


Ubuntu Security :: How To Repair Virus Infected Files With ClamAV

Mar 29, 2011

I have seen that we can scan for viruses and also virus infected files with ClamAV but is there any possibility that ClamAV can repair virus infected files.

View 1 Replies View Related

Security :: Computer Has Been Infected With Trojans?

Jan 7, 2010

I'm now running Ubuntu 9.04. There are 2 accounts on this computer, one is linux, the other is ubuntu. Before New year, everything had been fine. But after new year, I came back and found that the password of this account linux has been changed. So I fixed using my rescue disk. But since that day on, it seems that this password changes everyday somehow. Everyday when I'm trying to log into my Ubuntu System using the account linux, it says login failed. However, i can still login using the account ubuntu. I'm really confused. Why is this? I checked the date of expiry. Everything seems to be fine.

View 14 Replies View Related

Ubuntu Security :: ISP Keeps Complaining About Infected Computer

Feb 27, 2011

For a while my ISP has been sending me emails regarding an infected computer or computers on my local network. There are 4 computers running linux and 3 running windows on said network (3x ubuntu, gentoo, 2x windows server 2003 and windows 7).Now, I haven't used Windows in oh so many years and am not responsible for those computers on this network. Does it seem like this is a virus on a Windows host or should I research and adjust my iptables settings on the router? The applied anti-virus software (I don't know which one) apparently does not find any infections. On my workstation I'm using spotify and win32 office through wine, both obtained from legal and trusted sources, and would thus not consider my wine environment a threat.

View 4 Replies View Related

Ubuntu :: ClamAV Finds Infected Calc Spreadsheet

Mar 4, 2011

ClamAV tells me that three of my Calc spreadsheets may be infected (status "MBL_144360.UNOFFICIAL", if that means anything). This seems not entirely implausible, since yesterday I used a USB stick to transfer files from a Windows system. Anyway, I'd really like to keep these spreadsheets. Can I disinfect them somehow?

View 2 Replies View Related

Fedora Security :: Always Failing - Clam Found 9 Infected Notes Infected With: "Worm.Allaple-319"

Nov 10, 2010

I Clam-scanned a bunch of old CD's.. Clam found 9 infected notes infected with: "Worm.Allaple-319"... I wonders if this was my problem with Ubuntu always failing..? These are some of my best notes.. Is it possible to clean the bugs out of them with Fedora..?

View 8 Replies View Related

Security :: LAN Hacked - How To Find Infected Machine

Jul 3, 2009

I have LAN with 20 machines. I see that one of them is infected. Its sending a lot of packets to the internet. My internet connection at this momment is realy slow. What should I do? How to detect which machine is infected? I'm using hardware firewall. Fortigate... Its hard to configure there nice logs. Any good software. I don't want to switch off network cable from each machine and check.

View 10 Replies View Related

Security :: Detect Infected PC In LAN (Sending Packets To Internet)

Jul 17, 2009

In my network I have 25 workstations and some serves. Everything working in local LAN with firewall. The problem is that on one machine (I dont know which one) is installed software which sending data to the internet. Actually I dont know what it is. Last time as I remember was trojan which can create new network interfaces in windows and send some data to the internet. The half speed of my network connection is used by this infected machine. How can I detect which machine it is? How can I listen/capture some traffic and analyze from which machine I have more connections.

Please take a look on this time. Instead of 141-150ms should be 4-5ms.

64 bytes from (62.xx.191.74): icmp_seq=1 ttl=249 time=141 ms
64 bytes from (62.xx.191.74): icmp_seq=2 ttl=249 time=135 ms
64 bytes from (62.xx.191.74): icmp_seq=3 ttl=249 time=147 ms
64 bytes from (62.xx.191.74): icmp_seq=4 ttl=249 time=127 ms
64 bytes from (62.xx.191.74): icmp_seq=5 ttl=249 time=156 ms
64 bytes from (62.xx.191.74): icmp_seq=6 ttl=249 time=129 ms
64 bytes from (62.xx.191.74): icmp_seq=7 ttl=249 time=188 ms

How can I detect which machine is infected using only linux and keyboard ?

View 5 Replies View Related

Security :: Compromised Systems Notify Hacker They Are Infected

Dec 4, 2010

I have a server connected to the internet placed in a DMZ that was running ProFTPD. A couple of weeks ago there was a security threat uncovered that would grant access to external users through a buffer overflow. Of course I patched my ProFTPD quite often after that to secure my server. Now my problem is that the servers of ProFTPD were compromised and that source code with a back-door was released. To make matters worse compromised systems notify the hacker they are infected. is there any way to ensure I don't have a root-kit installed short of reinstalling the system?

View 4 Replies View Related

Security :: Server Infected With Scanssh - Pscan2 - ./sshf

Jul 31, 2010

I am facing a security issue on my server. I can see many process like pscan2, scanssh and ./sshf processing on 'top'. The owner of these processes is non root account. Can anybody let me know what can be the extent of loss due to these suspicious scripts? How can I permanently remove these scripts from my server. Please note that I am using CentOS 5.5 (64bit).

View 4 Replies View Related

Security :: Detecting Infected Hosts - Honeypots - Wireshark - Nepenthes

Sep 2, 2010

Is there a 'plugin' for wireshark to analyze traffic and spot infected (windows) hosts? I have been using nepenthes with no luck. (and doubt all hosts are clean) is there some better way (other than using antivirus on each host)?

View 10 Replies View Related

Ubuntu Security :: Run A Program That Is Infected With A Trojan / Virus In Wine Will Effect It

May 2, 2010

if i run a program that is infected with a trojan/virus in Wine will it effect Ubuntu?

View 9 Replies View Related

Ubuntu Security :: Safe To Transfer Files From Infected Windows Partition?

Sep 2, 2010

My Windows XP Pro laptop has been attacked! Windows will no longer update and Microsoft Security Essentials will not update either. I've been trying to resolve the issue for over two weeks with Microsoft support, but it's just taking too long. I also tried some rescue CD options (all running some form of Linux, obviously):

- BitDefender Rescue CD (removed infections, now detects nothing),
- Kaspersky Rescue CD 10 (removed infections, now detects nothing),
- Trinity Rescue CD (won't load AV Engine, so can't use it to do anything).

Malwarebytes cleaned a bunch of stuff, but will not clean the final threat detected (it's supposed to get deleted on reboot, but never does). Hijack.FolderOptions is stuck in the accursed registry, and it keeps causing Windows Explorer to crash. I cannot rename files or work with them or everything just crashes.

So I'm ready to reinstall XP from scratch, and add a dual boot with Xubuntu & LXDE, which I'm already running on a much older laptop.

Question: I want to rescue the files I need. My idea was:

1) Install Xubuntu with dual boot.
2) Copy over files from Windows XP partition using Xubuntu.
3) Back up files to an external drive using Xubuntu.
4) Reinstall XP Pro and format hard drive.
5) Reinstall Xubuntu with dual boot.
6) Use Xubuntu for daily use.
7) Only use XP for those tasks that require it (TomTom updates ...)

Should I be concerned about the security risk from copying files from the Windows partition to the Xubuntu partition, and from there onto an external hard drive?

Is this the way to do it, or is there a better way? I just want my laptop back in working order. Right now I can't use it for anything.

View 8 Replies View Related

Ubuntu Security :: Clam Antivirus Does Not Prompt There Is A Virus When Opened The Infected File Or Link?

Aug 5, 2010

does it effective using ClamAV as Privoxy antivirus? I have actually configure it but it does not seem to come into any effect.Why?I test it with Eicar(test virus) online and it does not even prompt there is a problem unless i have scanned.Beside that,i have installed ClamAV daemon along with it. [URL]


Issue :How come the Clam Antivirus does not prompt there is a virus when i opened the file or problem link?Does it work difference as Window OS antivirus which prompt when there is a virus detected?

View 9 Replies View Related

Security :: Run Clamav On Mount Of Flashdrive?

Mar 23, 2010

I am working on a production system on which it is not advisable to enable on-access scan with use of Dazuko. However, I want to do an automatic scan with clamscan when the flashdrive is mounted. As far as I know, Kudzu is arranging the automount of the flashdrives.

View 5 Replies View Related

Ubuntu Security :: Clamtk GUI Front End For ClamAV?

Sep 15, 2010

Does anyone know how to update Clamtk from 4.25 to 4.29 through Software Sources?

View 1 Replies View Related

Ubuntu Security :: ClamAV Cant Upgrade Or Install??

Dec 10, 2010

what a horrendous piece of software. Ive been at it 3 days trying to do something that ought to be simple and everytime i solve one problem another problem arises. at first I removed the old clamav 9.5 or something. I got the latest ubuntu release btw, and Clamav used to work when i first installed it in the previous ubuntu release. anyway, it asked me to upgrade, so since synaptic doesnt have the latest, i downloaded from sourceforge. I did the whole ./configure gave me errors like need build-essentials-- which i then did, error: need zlib.dv--- I did that one too. Now two more errors that i need to fix so I can compile it.

View 1 Replies View Related

Ubuntu Security :: Clamav 0.97 New Version Upgrade Available

Feb 8, 2011

I checked on clamav web site but no way to install it yet on Maverick.

View 4 Replies View Related

Ubuntu Security :: Setup Clamav Update To Run Every Hour?

Jan 15, 2010

how to schedule updates for clamav (every hour)?

View 9 Replies View Related

Ubuntu Security :: Installed Clamav But Can't Find It On Menu

Jan 26, 2010

I've installed Clamav antivirus from synaptics but I can't find it on any menu now. How can I run it?

View 4 Replies View Related

Ubuntu Security :: Downloaded With A Terminal The Program ClamAV?

Feb 14, 2010

I just downloaded with a terminal the program ClamAV. But where it is located? I don't see it in Application - accessories -etc ? neither in "Places", etc where it is? ps: the place where I found about this was here:[URL]...

View 4 Replies View Related

Ubuntu Security :: Clamav Scan Results And Out Of Date?

May 29, 2011

I am a newbie in ubuntu. I did clamscan on my ubuntu /, and I got the result message as follow. it shows "486 errors" I am wondering if the result is OK or I need to do some action on it.

Known viruses: 968595
Engine version: 0.96.5
Scanned directories: 28067
Scanned files: 131696
Infected files: 0
Total errors: 486
Data scanned: 9020.40 MB
Data read: 17800.31 MB (ratio 0.51:1)
Time: 1349.479 sec (22 m 29 s)"

Also, my engine is 0.96.5. The latest version is 0.97. But "aptitude upgrade" can not upgrade the engine to 0.97. I understand 0.97 is still on testing. I am wondering if I can just stay with 0.96.5 and wait for the 0.97 passing all tests. if so, does it cause any security issue?

View 5 Replies View Related

Ubuntu Security :: Clean Windows Partition With ClamAV

May 30, 2011

My windows partition is infected and I recall that it is supposed to be possible from the linux partition with ClamAV. Now I'm running Fedora12 but this forum is much more active and I suppose that doesn't make a big difference. I tried to find something on google but most procedures seem to involve a Live CD but it would be more convenient for me to just do it from my linux distro running. Is there anything I have to be aware of or is it literally just scanning the windows partition with ClamAV?

View 5 Replies View Related

Ubuntu Security :: Installing Clamav From Debian Repositories?

Jun 4, 2011

ubuntu 10.04lts, want to upgrade my clamav from 096.5 to the 097 scan engine. the ubntu repositories have only the 096.5 release, while the debian repositories have the 097 package. set the repositoriy path in the synaptic package manager, and made sure the checkbox was checked. can't see the clamav package.

View 1 Replies View Related

Security :: Which Is A Valid Alternative (open Source) To Clamav

Sep 23, 2010

which is a valid alternative (open source) to clamav?

View 2 Replies View Related

Security :: ClamAV Hangs On Reaching Virtual Devices?

Sep 6, 2010

I'm noodling around with Ubuntu 10.4.1, latest updates and kernel (, I run ClamAv as root and it goes fine through almost all of my system (huge amount of it), including several virtual devices, where it hangs on pan0, which has some association with my network (eth0 would be for wired connection, and wlan0 for wireless, and pan0 is listed also, but I'm not at that machine right now, so I can't tell why it shows up. wlan0 is what I use to connect to the internet).Is there an issue for clamAV with virtual devices? Any workaround? I had to terminate the scan after it stayed hung for over 5 minutes on pan0.

View 6 Replies View Related

Fedora Security :: How To Determine What Type Of Files Clamav Can Scan

Dec 7, 2009

How to determine what type of files clamav can scan? For example, if there is no unrar installed it can't scan files in it. So is there any way to find out all types of files that clamav can't scan?

View 2 Replies View Related

Ubuntu Security :: ClamAV Issuing Exploit PDF-9669 Warning

Jan 9, 2010

I've scanned my computer (I'm using Ubuntu 8.04 Hardy Heron) and ClamAV has issued it has found a virus called Exploit.PDF-9669. What seems strange to me is that such a warning always happens (or, at least, in the most cases) in the same folder tree "sys" and ClamAV issues the very same virus/malware warning (Exploit.PDF-9669).

An example:
sys/devices/virtual/vtconsole/vtcon0/uevent: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/address: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/broadcast: Exploit.PDF-9669 FOUND
sys/devices/LNXSYSTM:00/device:00/uevent: Exploit.PDF-9669 FOUND

My ClamAV version is 0.94.2/10275/Fri Jan 8 22:06:46 2010. It has been not updated since I installed Hardy in my computer last year. Is my computer in danger?

View 2 Replies View Related

Ubuntu Security :: Exclude Folders From ClamAV Scheduled Scan?

Feb 22, 2011

I have network shares automounted in /media and I want to exclude them from my automatic scheduled ClamAV scan in Maverick. How do I do this? I can't find any CRON link or script that actually starts the scan. Is it the Daemon that does this?

View 1 Replies View Related

Ubuntu Installation :: Clamav Installion Of PHP ClamAV Lib - Depend Stopped It

May 31, 2011

I am semi new to UBUNTU worked a bit with it in the passed on vps and that. but i am currentaly tring to make a module for *Zpanel* i am making an anti virus module and am going to be using clamav. up to now everything has been going smoothly but i have hit massive problem.

I am tring to do this:


And i get this in return


Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.

The following information may resolve the situation:

The following packages have unmet dependencies.

I dont get any install. and the information i have collect from people say that and install should not be stopped becuase of an depend

So as any one who is semi new would do i then tried installing the depend


And i get this in return


E: Package 'phpapi-20060613+lfs' has no installation candidate

So it look like problem after problem

Does any one know why i can not install php5-clamavlib

I have UBUNTU 11.04 desktop (with zpanel installed on it)

*zpanel an open source web hosting panel for windows and NOW LINUX (zpanel has just been release on UBUNTU ONLY ).

View 1 Replies View Related

Copyrights 2005-15, All rights reserved