LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE
User Name
Password
SUSE / openSUSE This Forum is for the discussion of Suse Linux.

Notices


Reply
  Search this Thread
Old 07-31-2005, 04:51 PM   #1
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Rep: Reputation: 15
Problems with Antivir Scanner


I am running the Antivir scanning utility and the scan runs OK until when it gets to the point that I posted below. And when gets to this directory, it scans this for hours and hours....Here is the example below. Its doing it even as ROOT...Why is it doing this? Is there a way to skip the scanning in this directory? I am having real great deal of headaches with this scanner. Like I said, it seems to scan OK until it gets to this point. And I waited and waited for minutes and still I see it scrolling and scrolling for hours.....Whats the issue here?


/sys/class/pci_bus/0000:02/bridge/0000:02:09.0/bus/devices/0000
ver/2-2/2-2:1.0/driver/1-0:1.0/power/state
Date: 29.07.2005 Time: 07:24:06 Size: 4096
error: could not read file
file was not scanned completeley!
 
Old 07-31-2005, 06:10 PM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
I'm not sure about the antivir interface, but you definitely don't want to perform a virus scan in /proc, /sys, or /dev. Lots of files in there may not like being opened and read for the virus scan.
 
Old 07-31-2005, 08:21 PM   #3
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
Ok, if thats the case, is there a way to SKIP the files and just only scan the common ones like etc, /home, /var, etc...???

I tried literally every command and does not work, meaning it still wants to scan that restricted directory. Heres what I mean? DOes anyone have a solution for this? It seems that I got everyone on this question. Because I posted this on another forum and know one seems to know. Here are the commands that I have tried so far.

antivir /s --allfiles --skip-subdir=/sys/
antivir -s --allfiles `ls / |egrep -v 'sys|dev|proc'`
antivir --allfiles --exclude=/sys/class

Not one of them wants to SKIP the that file. How can I make it skip those restricted directories? You gave me an answer is to the meaning of those files but I want to know is there a scan command that skips those files?
 
Old 07-31-2005, 11:12 PM   #4
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
Well, unfortunately, I don't have an antivir manpage, and can't seem to find one on the internet. Could you post (at least) the output of antivir --help?
 
Old 08-01-2005, 01:33 PM   #5
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
I just want to SKIP the /sys/class/ files...And it will not do that no matter what I do....Any other suggestions???



antivir / -s --allfiles --skip-subdir=/sys/
AntiVir / Linux Version 2.1.3-16 +gui
Copyright (c) 1994-2005 by H+BEDV Datentechnik GmbH.
All rights reserved.

unknown option: '--skip-subdir=/sys/'
Usage is: antivir [options] [path[\*.ext]] [*.ext]
where options are:
--help .......... display this help text (abbreviation: -h or -?)
--allfiles ...... scan all files (not just program files)
--version ....... show version information
--info .......... show list of recognized forms
--update ........ update AntiVir
--check ......... used with --update to check for updates
--temp=<dir> .... specify the directory for temporary files
--home-dir=<dir> location of executable, VDF and key files
-C <filename> ... name of configuration file (default /etc/antivir.conf)
-s .............. scan subdirectories
--scan-in-archive files in archives will be extracted and scanned
-z .............. synonymous for -z (scan files in archives, too)
--archive-max-size=N, --archive-max-recursion=N, --archive-max-ratio=N
anti DoS feature: do not scan archive content which would
exceed the given file size, nesting level or compression
factor limits on extraction (0 means unlimited)
--- Press RETURN to continue ---
 
Old 08-01-2005, 01:57 PM   #6
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
I think you just need to assemble a nice path...
Code:
ls -d1 /* | egrep -v '(proc|sys|dev)' | xargs antivir --allfiles -s -z
Or something similar.
 
Old 08-01-2005, 02:14 PM   #7
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
Ok, is this a scan command or what do I have to do??? Do you want tme to try to scan using that command and see if it skips the file?

Im not at home right now, but as soon as I get home I will try to re-install Antivir and try again...
 
Old 08-01-2005, 02:16 PM   #8
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
That command should work to scan your system.
 
Old 08-01-2005, 02:37 PM   #9
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
I have to wait and see later. I have to reinstall Antivir from YAST.

ARE YOU 100% SURE that this command that you posted WILL ACTUALLY SKIP those RESTRICTED directories?

Is that the right command??? Because you said "something similar"

Last edited by port666; 08-01-2005 at 02:39 PM.
 
Old 08-01-2005, 02:39 PM   #10
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
It should. Alternatively, you could do it like this:
Code:
antivir --allfiles -s -z `ls -d1 /* | egrep -v '(sys|proc|dev)' | tr '\n' ' '`
 
Old 08-01-2005, 05:06 PM   #11
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
I tried this

Code:
ls -d1 /* | egrep -v '(proc|sys|dev)' | xargs antivir --allfiles -s -z
But its taking for ever to scan /usr/lib/jvm-exports/jre-sun

It looks likethis:

ls -d1 /* | egrep -v '(proc|sys|dev)' | xargs antivir --allfiles -s -z
AntiVir / Linux Version 2.1.3-16 +gui
Copyright (c) 1994-2005 by H+BEDV Datentechnik GmbH.
All rights reserved.

Loading /usr/lib/AntiVir/antivir.vdf ...

Warning: The file "antivir.vdf" is more than 14 days old.

VDF version: 6.30.0.3 created 21 Feb 2005

AntiVir license: 149999 for Evaluation License for SuSE Linux

checking drive/path (list): /windows
checking drive/path (list): /var
checking drive/path (list): /usr
/usr/lib/jvm-exports/jre-sun bla bla bla>>>

Its scanning that file for 20mintues now. Its the JAVA OR JRE thats taking the longest to scan right now...How can I prevent this problem?

Last edited by port666; 08-01-2005 at 05:37 PM.
 
Old 08-01-2005, 06:26 PM   #12
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
I think the JRE (JAVA RUNTIME ENVIROMENT) is taking up most of ny directories now. I had downloaded it yesterday. It was the Java Runtime Enviroment. I need to UNINSTALL this....Is there anyway I can UNINSTALL THIS????

It looks like that JAVA or JAVA-Related tools are taking up the whole entire scanning process. And boy, I have to tell you that once its on one of the Java, JRE-SUN, Java-Exports, it TAKES FOREVER and who knows how long the scan will take...So, I need to unintall those...Can you please tell me how?

Secondly - Is there a way to CANCEL the scan??? Because what happens, is that once I click the 'X' to close the Console, and then I re-scan it, I see like 4 Antivir processes lined up when I do a TOP command...And addition to that, my system slows down alot.

So, once I click on the X to close the scan, does that mean the scanner is still running the scan EVEN if I click the 'X' to close the console?

And is there a way I can KILL the 4 Antivir processes in TOP? WITHOUT rebooting my system to clear them? It must be still running or scanning EVEN if I click or close the Konsole using the X on the top-right hand corner....No?

Last edited by port666; 08-01-2005 at 06:47 PM.
 
Old 08-01-2005, 07:01 PM   #13
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
I even put the Java, JRE-SUN, Java-Exports, alternatives (under /etc/) in the grep part of the command and it still wants to scan the /ETC/ALTERNATIVES were JAVA or the JAVA-related tools are.

TheJRE is scattered everywhere...How can I uninstall it? I have downloaded it yesterday?
 
Old 08-01-2005, 08:16 PM   #14
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 126Reputation: 126
It depends on the install tool you used, but you'd need a matching uninstall tool.

The grep command only works for top level directories.

To kill processes, use the kill utility.
 
Old 08-01-2005, 08:34 PM   #15
port666
LQ Newbie
 
Registered: May 2005
Distribution: SuSE Linux 2.6.1
Posts: 24

Original Poster
Rep: Reputation: 15
Ok the TOOL I used was the RPM SELF-EXTRACTOR... Amazingly I remembered that...

Let me know on how to uninstall...PLEASE... I wanna get rid of it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Antivir atlaika Linux - Security 3 11-29-2005 12:01 PM
Antivir jam2000 Linux - Security 4 11-17-2005 03:18 PM
Antivir GUI little_penguin Linux - Software 2 11-04-2005 12:53 PM
Updating Antivir Problems port666 SUSE / openSUSE 1 08-02-2005 10:21 PM
Problems with AntiVir GUI dsschanze Linux - Software 0 12-27-2004 06:03 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > SUSE / openSUSE

All times are GMT -5. The time now is 05:28 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration