On 0, Paul Johnson <baloo@ursine.dyndns.org> wrote: > Hash: SHA1 > > (Please turn on your line wraps to something around 72 columns) > On Sat, Aug 10, 2002 at 08:56:03AM -0400, colemw@cox.net wrote: > > > I did a virus scan with clamscan and then f-prot. Clamscan notified > > me of one virus: V801 in file /proc/kcore. Going to this file it is > > VERY large (in fact takes up the majority of my partition). I can't > > seem to rm or shred this file. f-prot called it a W32 virus? But > > neither application will remove the file. It has permissions set at > > '-r--------' with owners root.root. What does this file do? Is > > there any way to get rid of the virus without wiping the partition > > which is /? Let me know if you need more info. > > My guess is this is the kernel core. Don't worry too much about > anything in /proc, it's a virtual filesystem containing information > about what's going on, and does not take up disk space. I'm going to > hazard to guess your virus scanner saw itself when it scanned /proc. > > Be aware there are a total of five viruses for Unix, three of those > for Linux specifically, and those three target long-since-outdated > versions of Red Hat. Possibly you should figure out how to tell your virus scanner not to scan /proc. Tom -- Tom Cook Information Technology Services, The University of Adelaide "Beware of computer programmers that carry screwdrivers." - Leonard Brandwein Get my GPG public key: https://pinky.its.adelaide.edu.au/~tkcook/tom.cook-at-adelaide.edu.au
Attachment:
pgplONUdnVX9j.pgp
Description: PGP signature