Re: Clamav scans or removes virus ??
2006/8/9, Paul Johnson <firstname.lastname@example.org>:
On Wednesday 09 August 2006 07:11, Alejandro wrote:
> Hi all,
> I have a Debian Sarge mail server with clamav antivirus, but I suspect
> it only scan for virus and don't remove them.
Only scans. Generally if you have a virus to remove, you should be
reinstalling your OS as you are compromised anyway.
Before you reinstall the OS, try to run
on the system, if you don't see nothing.
Try to run the command
the process that have a peak on the table and run onto 80-90% the cpu
it's the process that have installed the virus.
kill the process with
and sing the program that block it.
This program is that it have the virus on board, uninstall and
reinstall only this program.
If you have a backdoor with chkroot could eliminated it.