How To Find the Infected Files after Running Clamavscan??
- michaellowe
- Posts: 66
- Joined: Sat 17 Dec 2011, 08:33
- Location: The Garden
Hello to anyone and everyone who is or isn't a definitive clamav guru, preference for the former but any help would be appreciated.
I don't run it often but when I do it makes me feel more secure.
Anyway, I just ran my clamavscan and it returned this:
----------- SCAN SUMMARY -----------
Known viruses: 3918521
Engine version: 0.97.3
Scanned directories: 35459
Scanned files: 340654
Infected files: 2
Total errors: 580
Data scanned: 18930.77 MB
Data read: 47810.95 MB (ratio 0.40:1)
Time: 5631.223 sec (93 m 51 s)
So it appears it works, but one thing I've never known how to do is where to find the offending infected files? My knowledge of clamav is very limited other than typing clamav in the terminal and hitting return, I don't know anything else about it? Anyone know anything about the program and how to run it efficiently, are there man pages somewhere? I'm running the sfs so it's hard to know anything?
Thanks in advance for any help,
cheers
Smash forehead on keyboard to continue.....
well that's at least how some of us deal with ba$h !
You want the -r and -i switch >> http://askubuntu.com/questions/250290/h ... ith-clamav
I think /var collects a log file as well.
>>> Living with the immediacy of death helps you sort out your priorities. It helps you live a life less trivial <<<
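Added example, not part of the thread: clamscan prints each detection as a line ending in FOUND, so running it with `-r -i` and `--log=FILE` leaves a file those lines can be pulled from. The sketch below does that on a constructed sample log; the paths, signature names and the /tmp log path are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): pull detections out of clamscan output.
# Each detection is printed as "<path>: <signature> FOUND".

# Constructed sample of what a log written by, for instance,
#   clamscan -r --log=/tmp/clamscan.log /mnt/home
# could contain. Paths and signature names are made up.
sample_log() {
cat <<'EOF'
/mnt/home/downloads/setup.exe: Constructed.Sample-1 FOUND
/mnt/home/mail/re: invoice.zip: Constructed.Sample-2 FOUND
/mnt/home/private/key.db: Permission denied
/mnt/home/docs/notes.txt: OK

----------- SCAN SUMMARY -----------
Infected files: 2
Total errors: 1
EOF
}

# Read clamscan output on stdin, print "signature<TAB>path" per detection.
# The signature is taken after the LAST ": " so paths containing ": " survive.
list_infected() {
    awk '/ FOUND$/ {
        line = $0
        sub(/ FOUND$/, "", line)
        pos = match(line, /: [^ ]+$/)
        if (pos) printf "%s\t%s\n", substr(line, pos + 2), substr(line, 1, pos - 1)
    }'
}

# Number of detection lines, for comparison with the summary figure.
count_infected() {
    list_infected | wc -l | tr -d ' '
}

# The "Infected files:" figure from the scan summary.
summary_count() {
    sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p'
}

sample_log | list_infected
```

If `count_infected` and `summary_count` disagree for a real log, the log is incomplete or holds more than one run.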
- michaellowe
Semme wrote:
> You want the -r and -i switch >> http://askubuntu.com/questions/250290/h ... ith-clamav
> I think /var collects a log file as well.
Yeah, I tried that r switch and can't remember what happened, but it did nothing I think, well at least not visually?? Will try it again and report back.
Thanks
- michaellowe
michaellowe wrote:
> Semme wrote:
> > You want the -r and -i switch >> http://askubuntu.com/questions/250290/h ... ith-clamav
> > I think /var collects a log file as well.
> Yeah, I tried that r switch and can't remember what happened, but it did nothing I think, well at least not visually?? Will try it again and report back.
> Thanks
OK, ran freshclam and I get this:
# freshclam
ClamAV update process started at Mon Jul 27 15:38:54 2015
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.3 Recommended version: 0.98.7
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
daily.cvd is up to date (version: 20733, sigs: 1499961, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 265, sigs: 47, f-level: 63, builder: neo)
[LibClamAV] ******************************************************
[LibClamAV] *** Virus database timestamp in the future! ***
[LibClamAV] *** Please check the timezone and clock settings ***
[LibClamAV] ******************************************************
what to do about these warnings, the second one seems irrelevant???
but now what about the virus database timestamp in the future warning?
- michaellowe
Semme wrote:
> Which pup are you running this from?
Hmm, seems to be working now??
At the mo I am currently running a scan on /
using this command:
clamscan -r --move=/home/USER/VIRUS /home/USER
I've replaced the above file/directory paths with my own to suit the way I have things set up, like so:
clamscan -r --move=/mnt/home/vault /
Will let you know the outcome. It still puts out the warning about the virus database timestamp being in the future???
And to check time and clock settings??? Weird.
PS. I'm on lucid 525
- michaellowe
Also found out that I didn't need to create that vault dir at mnt/home as there is already a /virus
Checked the contents and it had more than 2 infected files, which was the previous scan's results? Weird?? Anyway it's still chugging away, will share a screenshot and you can see what you make of the contents of the /virus directory? Cheers
- michaellowe
Found out why clamscan -r wouldn't work before:
it had the -i parameter set as well (which I assume can only mean that it lists the infected items or is supposed to???) well it didn't work like that anyway so I've removed it and run it just as clamscan -r --move=.....
Hopefully this might shed some light for other clamav users?
Cheers
- michaellowe
For anyone that's interested,
this is the final output from several locations including the terminal.
Would be very interested in finding out what anyone in the know
makes of it?
Attachment: output of clamscan -r --move=.png (126.21 KiB)
- michaellowe
How To Find Infected Files Running clamscan -r and move them
Bindee wrote:
> Seems to have vanished>>>>>>>>>
Yeah, I got similar? Page never loads and wifi drop outs, their servers might be overloaded?!!