Infected file

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read this

Infected file

Postby duncan222 on Thu Mar 21, 2013 10:49 am

clamav is flagging up 2 infected files. I Know it can show false positives but how can I,

1. Identify the 2 files it shows as positive ?
2. Know if I need to remove either or both of these files ?
3. If I need to delete them what is the instruction to do so ?

Any further comments anyone has on this topic in general would be appreciated.

Thanks
duncan222
Level 3
Level 3
 
Posts: 107
Joined: Fri Jan 11, 2013 12:29 pm

Linux Mint is funded by ads and donations.
 

Re: Infected file

Postby kc1di on Thu Mar 21, 2013 12:34 pm

Hello duncan222 and welcome to mint.

There are very few viruses in the wild that can infect Linux files. So if they are not Windows generated files most likely not infected.
There are 2 files that are installed by Clamav as test files. can you list the files it's hitting on then we may be able to tell.
John 3:16
Morse code an Early
Digital Mode
Registered Linux User #462608
Image
User avatar
kc1di
Level 6
Level 6
 
Posts: 1211
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Infected file

Postby duncan222 on Fri Mar 22, 2013 6:14 am

That was one of my questions, how to identify the files.
At the end of the scan it just gives me a summary of files scanned but it does not identify which infected files it is referring to.
duncan222
Level 3
Level 3
 
Posts: 107
Joined: Fri Jan 11, 2013 12:29 pm

Re: Infected file

Postby kc1di on Fri Mar 22, 2013 6:50 am

duncan222 wrote:That was one of my questions, how to identify the files.
At the end of the scan it just gives me a summary of files scanned but it does not identify which infected files it is referring to.

I haven't used Clamav in a while so will have to reinstall it and give it a run then try to answer your question.

When I run a AV I use AVG free for linux found here:
http://free.avg.com/us-en/download.prd-alf
John 3:16
Morse code an Early
Digital Mode
Registered Linux User #462608
Image
User avatar
kc1di
Level 6
Level 6
 
Posts: 1211
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Infected file

Postby kc1di on Fri Mar 22, 2013 6:59 am

a question are your running clamav from the terminal? if so you may want to install and try clamtk. it a GUI for calmav.
John 3:16
Morse code an Early
Digital Mode
Registered Linux User #462608
Image
User avatar
kc1di
Level 6
Level 6
 
Posts: 1211
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Infected file

Postby kc1di on Fri Mar 22, 2013 8:51 am

Ok install clam av in the terminal when you scan with the command clamscan it will give you a list of files scanned.
and will either say OK behind them or infected. so you should be able to tell which file is infected.
Hope that helps.
Also you may want to give avast a try I've found it very helpful. you can get it from here.
http://ubuntuforums.org/showthread.php?t=1282979

you have to register it but it's free for 1 year I think. has nice interface.
John 3:16
Morse code an Early
Digital Mode
Registered Linux User #462608
Image
User avatar
kc1di
Level 6
Level 6
 
Posts: 1211
Joined: Mon Sep 08, 2008 8:44 pm
Location: Maine USA

Re: Infected file

Postby duncan222 on Fri Mar 22, 2013 10:17 am

I am running clamscan in the terminal.
I tried the GUI for clamscan but it seems to get so far and then stop with no error messages shown.

I Wondered about avast as I found it very good when using it for windows before I became hooked on Linux but will certainly have a look at it. The thing about Clamav is just one simple short line in the terminal and it scans fast, perhaps too fast as every file is shown as ok and I did not spot any other file showing any other message. it's just in the final summary where it shows 2 infected files.

Thanks for the responses
duncan222
Level 3
Level 3
 
Posts: 107
Joined: Fri Jan 11, 2013 12:29 pm

Re: Infected file

Postby duncan222 on Fri Mar 22, 2013 11:21 am

Not having much luck with Avast.......... get the following message when trying to update (Program is registered)

avast! engine failed to reinitialize after database upgrade.
The application will terminate now
duncan222
Level 3
Level 3
 
Posts: 107
Joined: Fri Jan 11, 2013 12:29 pm

Re: Infected file

Postby duncan222 on Fri Mar 22, 2013 12:26 pm

Problem with Avast sorted, followed instructions regarding file/folder V400 on avast forums and then ran a scan.
Much better system as it stopped on reaching the 2 infected files and gave options to rename or move to chest.
Both these files are downloaded program files for Windows.
Assume they can do no harm as they are both exe files and in my Linux download file so they can both be easily deleted.

Thanks for the help.
duncan222
Level 3
Level 3
 
Posts: 107
Joined: Fri Jan 11, 2013 12:29 pm

Re: Infected file

Postby DrHu on Fri Mar 22, 2013 1:30 pm

OK, and as a general principal, take the file names being identified by the anti-virus program and search on the Internet for those file names + virus: if they are really virus files, and haven been identified as such (not so new as to be unrecognized), any of the many virus scanning organizations will list them along with any data belonging to same..
User avatar
DrHu
Level 16
Level 16
 
Posts: 6283
Joined: Wed Jun 17, 2009 8:20 pm

Linux Mint is funded by ads and donations.
 

Return to Newbie Questions

Who is online

Users browsing this forum: Case Holland, rmcellig, timics and 48 guests