|
Am Samstag, 14. Juli 2018, 16:52:50 CEST schrieb Hubert Hauser: Hi Hubert,
it is not sure, this is really a virus. A virusscanner just looks at singantures, which look like a virus.
However, you may check for differences between the original package and your installed binaries. If there are none, you may check also the source code (if you are coder). If you are unsure, you may ask the debian security team for help (if you are using debian/stable).
The packages you are looking for are "mailutils" and "systemd".
apt-file search /usr/bin/messages.mailutils apt-file search /usr/bin/systemd-mount Hope this helps.
Best regards
Hans > Hello! > > I have recently received a following mail from root > <clamav-daily@autisticstory.net>: > > Please see the log file attached. > > clamav-2018-07-14.log > > /usr/bin/messages.mailutils: Unix.Trojan.Vali-6606621-0 FOUND > /usr/bin/systemd-mount: Unix.Trojan.Vali-6606621-0 FOUND > > ----------- SCAN SUMMARY ----------- > > Known viruses: 9549712 > Engine version: 0.99.4 > Scanned directories: 22397 > Scanned files: 98762 > Infected files: 2 > Total errors: 18457 > Data scanned: 4463.86 MB > Data read: 4123.41 MB (ratio 1.08:1) > Time: 927.686 sec (15 m 27 s) > > Which package can contain this virus? What should I do to remove it? Is > it serious threat?
|