LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Distributions (http://www.linuxquestions.org/questions/linux-distributions-5/)
-   -   F17 KDE Klamav issue (http://www.linuxquestions.org/questions/linux-distributions-5/f17-kde-klamav-issue-4175443186/)

siickboii 12-27-2012 07:20 PM

F17 KDE Klamav issue
 
I have fedora 17 kde desktop and ran the klamav for the first time. It found 8 viruses. I deleted them, rebooted and system wouldnt boot. It just said couldnt find kernel. I ened up reformatting and installing fedora again. Anyone had any issues with klamav doing this?

malekmustaq 12-28-2012 12:19 AM

Quote:

Originally Posted by siickboii (Post 4858068)
I have fedora 17 kde desktop and ran the klamav for the first time. It found 8 viruses. I deleted them, rebooted and system wouldnt boot. It just said couldnt find kernel. I ened up reformatting and installing fedora again. Anyone had any issues with klamav doing this?

Clamav is very good; it is an industrial standard anti-virus software. I used that before, I am using today, and have no plan of changing to another cleaner. But I don't use its GUI front ends: I suspect "Klamav" configuration has led you to false-positives and since your command was to delete/remove then your symlink to kernel might have been deleted also.

Use clamav at the terminal. Update it first
Code:

~# freshclam
be sure you are online and wait until the database is updated.

Make a directory where you can move (NOT DELETE) suspicious files
Code:

~# mkdir -p /root/clamav/move
Copy this code and paste to an editor and save as "scan" at folder /usr/bin --

Code:

clamscan -v -r --scan-archive=yes --cross-fs=yes --stdout \
--heuristic-scan-precedence=yes --move=/root/clamav/move \
--algorithmic-detection=yes --detect-pua=yes \
--include-pua=Packed --include-pua=RAT "$@"

Make it executable:
Code:

~# chmod +x /usr/bin/scan
You may now scan your whatever folder or drive you want using a fancy command like this:
Code:

~# scan /home (or)
~# scan /tmp

You can allow other users to use 'scan' command by setting permission:
Code:

~# chown root:clamav /usr/bin/scan
and make regular $USER as member of group 'clamav' for them to be able to use "scan" command.

Hope that helps.

Good luck.


All times are GMT -5. The time now is 05:33 PM.