Re: Clamav scans or removes virus ??

To: debian-user@lists.debian.org
Subject: Re: Clamav scans or removes virus ??
From: heba <mat.r.gl@gmail.com>
Date: Thu, 10 Aug 2006 07:38:21 +0200
Message-id: <[🔎] b07a9ae00608092238s1520e87ka539c886f9fcbcd9@mail.gmail.com>
In-reply-to: <[🔎] 200608090834.00630.baloo@ursine.ca>
References: <[🔎] 44D9ED12.2090707@ciudad.com.ar> <[🔎] 200608090834.00630.baloo@ursine.ca>

2006/8/9, Paul Johnson <baloo@ursine.ca>:

On Wednesday 09 August 2006 07:11, Alejandro wrote:
> Hi all,
>
> I have a Debian Sarge mail server with clamav antivirus, but I suspect
> it only scan for virus and don't remove them.

Only scans.  Generally if you have a virus to remove, you should be
reinstalling your OS as you are compromised anyway.


Before you reinstall the OS, try to run

chkroot

on the system, if you don't see nothing.

Try to run the command

top

the process that have a peak on the table and run onto 80-90% the cpu
it's the process that have installed the virus.

kill the process with

kill -9

and sing the program that block it.

This program is that it have the virus on board, uninstall and
reinstall only this program.

If you have a backdoor with chkroot could eliminated it.

regards
heba

Reply to:

References:
- Clamav scans or removes virus ??
  - From: Alejandro <alejandritox@ciudad.com.ar>
- Re: Clamav scans or removes virus ??
  - From: Paul Johnson <baloo@ursine.ca>

Prev by Date: apt-get install gnome-panel-data-2.14.3-1 failed
Next by Date: Re: Naming multiple alsa sound cards (was Re: synthetic sound generator with api)
Previous by thread: Re: Clamav scans or removes virus ??
Next by thread: Re: Clamav scans or removes virus ??
Index(es):
- Date
- Thread