Still fairly new to linux, have been running a debian server for about 3 or 4 months to host some personal websites for myself and a family member or two.

I recently reformated my main PC (WinXP Pro) and obtained a virus shortly thereafter (few days ago) when I downloaded a questionable item (won't go into details)..This virus wrecked havoc on my main PC.. actually; it's been a nitemare. I never even thought it would infect my debian machine, and maybe it hasn't. Here are the details:

Upon checking free I see that I have 2% RAM left. Also I can't apt-get update, and I tried to install clamav, but I can't get that either..

SSH works...apache works..mysql works.. I can connect to the site through any of these services but the resources are blown out.

I don't have any active backups on this system (ARGHHhhhh) which is my fault.. But what are my options? Any thoughts on what is wrong with system? IS it in fact a virus or is it something else?

Anything interesting when you do a;

Absolutely nothing..

Update: I have been able to install clamav but it won't scan. I also have been able to get apt-get update to work also (not sure how, but it works now)...

in the linux world the memory works very differnt way then in wndow world , just don't worry about

Not worry about it? I can't even connect to the webserver when its running on 2% RAM left!

Needless I finally got ClamAV to scan and it detected and cleaned 4 viruses..Rebooted and I'm back down to about 35% RAM used.

It's probably a good idea to download and run rootkit hunter on the system to identify any other hidden surprises on the system (rootkits, bindshells, etc).

Great suggestion. I was unfamiliar with that program until now..

Even showed me some services I need to tighten up...

Thank you sir.

No problem. I'd also suggest looking into a file integrity scanner like tripwire, aide or samhain. They're really meant to be put on a system immediately after installation, so in this case they wouldn't be much help. But when used properly, they allow you to immediately detect modification of any critical system files and configs. In a situation like investigating a potential compromise or viral infection they can save you alot of time and grief.
Cheers.

Just to clarify something .... please

Your Debian server had 4 viruses on it ???
or were you referring to your windows system

floppy

Could you maybe do a top to see what's eating all your RAM? When you're in top use M to see the memory usage. This could shed some light on what's causing the problem. If you see any processes you don't trust you can investigate the problem or give them a kill -9.

Nope those viruses reported by ClamAV were the virus test files that comes with ClamAV itself. More over ClamAV is a Virus Scanner ONLY not a remover.