Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: rexgaylord on May 26, 2004, 10:56:44 AM
-
I followed the the pagefault howto for installing Clamavand and have the option of doing a daily scan enabled. After initail testing and gave a few viruses caught, the daily scans started showing infected files in directories that don't seem to exist. An example of the last e-mail below:
***********************
//var/spool/squid/00/04/0000042A: Trojan.JS.Startpage.C FOUND
/tmp/clamav-7e6c027d4c978fa2/usr/lib/libpavdll.so.3.6.0.1: W32.GriYo FOUND
/tmp/clamav-e180bb86ba8ccdcb/bin/exe/libpavdll_qm.so.3.2.1.8: W32.GriYo FOUND
/tmp/clamav-e180bb86ba8ccdcb/bin/update/download_sf.sh: Eicar-Test-Signature FOUND
/tmp/clamav-e180bb86ba8ccdcb/bin/update/test_sf.sh: Eicar-Test-Signature FOUND
----------- SCAN SUMMARY -----------
Known viruses: 21694
Scanned directories: 10611
Scanned files: 76414
Infected files: 5
Data scanned: 13426.26 MB
I/O buffer size: 131072 bytes
Time: 5617.092 sec (93 m 37 s)
*******************
/tmp/clamav* doesn't exist anyplace that I can find. I'm going to clear the squid cache and see if the makes a difference on the next one, but if anybody has any suggestions I would appreciate them.
-
The trojan quit showing up after clearing squid, but the two test virues and GriYo still show up in non-existent directories. From what I can find, GriYo don't even seem to be a virus, but the nickname of a virus author. Anybody have any ideas how to get rid of what appears to be a glitch.
/tmp/clamav-7c35688101633958/usr/lib/libpavdll.so.3.6.0.1: W32.GriYo FOUND
/tmp/clamav-2de0cc3f61ff980f/bin/exe/libpavdll_qm.so.3.2.1.8: W32.GriYo FOUND
/tmp/clamav-2de0cc3f61ff980f/bin/update/download_sf.sh: Eicar-Test-Signature FOUND
/tmp/clamav-2de0cc3f61ff980f/bin/update/test_sf.sh: Eicar-Test-Signature FOUND
-
I also have this same problem