LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   ClamV Virus scan on Linux (https://www.linuxquestions.org/questions/linux-software-2/clamv-virus-scan-on-linux-578667/)

shankarLe 08-21-2007 07:14 AM
ClamV Virus scan on Linux
 
Hello,

I have installed clamAv anti virus for rhel 4.0 from sources (Clam AntiVirus). Then I ran the virus can by executing the command.
#/usr/local/bin/clamscan -r /

It gives the report as:

----------- SCAN SUMMARY -----------
Known viruses: 94639
Engine version: 0.88.4
Scanned directories: 15640
Scanned files: 229980
Infected files: 1736
Data scanned: 17931.08 MB
Time: 11339.209 sec (188 m 59 s)
Looks like it does not delete the viruses from the system, it just reports it. Later I updated the virus database by following method

# freshclam
ClamAV update process started at Tue Aug 21 17:24:49 2007
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.88.4 Recommended version: 0.91.2
DON'T PANIC! Read Clam AntiVirus
main.cvd is up to date (version: 44, sigs: 133163, f-level: 20, builder: sven)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 8, recommended = 20
DON'T PANIC! Read Clam AntiVirus
Downloading daily.cvd[*]
daily.cvd updated (version: 4019, sigs: 14971, f-level: 20, builder: sven)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 8, recommended = 20
DON'T PANIC! Read Clam AntiVirus
Database updated (148134 signatures) from database.clamav.net (IP: 58.221.222.69)
Clamd successfully notified about the update.


can you please tell me how to delete the viruses from my box. please help.

Cacciari 08-21-2007 07:18 AM
You probably found virii into your Windows files (maybe you mounted a win partition).

Its the same thing when you look for bacteria in your house. Your room, the garage, your sofa are Linux, while your garbage can is windows. What is infected?

Just a guess!

b0uncer 08-21-2007 07:20 AM
Read man-page of clamscan for usage instructions. Using -i option ClamAv reports (only) the infected files so you can deal with them. With --remove option you can force ClamAv to remove the infected files (better first run without it, to see what files it wants to remove!) Better use --move=DIRECTORY instead, so it moves the infected files to DIRECTORY..so, something like this:
Code:
mkdir /home/username/infected_files
clamscan --recursive --infected --move=/home/username/infected_files
EDIT: for online information, check this page for example (use search engines first from now on):
http://linux.die.net/man/1/clamscan

shankarLe 08-22-2007 11:55 PM
Thanks
 
I shall look in man pages now on. thanks again :D


All times are GMT -5. The time now is 01:35 PM.