Virus problem...

[Carl Friis-Hansen]

Ray Parrish wrote:
> Ray Parrish wrote:
>> Hello,
>>
>> Well, evidently it is not impossible to get a virus in Ubuntu... have a 
>> look at this screen shot of clamav. 
>> http://www.rayslinks.com/Screenshot-68.png
>>
>> When I select quarantine file from the clamav pop up menu, the file 
>> listings disappear, but when I select empty quarantine, it tells me 
>> there is nothing to delete. Then when I do a scan again, this listing 
>> pops up again with the same files.
>>
>> Any ideas how I'm going to get out of this without a complete re-install?
>>
>> Thanks for any help you can be. Ray Parrish
>>   
> Apparently those entries in the screen shot are pointing to folders in 
> the /root/.clamtk/ folder, which were written when it found the viruses, 
> and I quarantined them the first time, then deleted them. I cannot open 
> the folders in gedit's file open dialog to inspect any files which may 
> reside in them.
> 
> ray at RaysComputer:~/Downloads$ cd /root/.clamtk
> ray at RaysComputer:/root/.clamtk$ ls -a
> .  ..  history  prefs  viruses
> ray at RaysComputer:/root/.clamtk$ cd ./viruses
> ray at RaysComputer:/root/.clamtk/viruses$ ls -a
> .  ..  cache.VIRUS.VIRUS.VIRUS.VIRUS  gdm.VIRUS.VIRUS.VIRUS.VIRUS.VIRUS
> ray at RaysComputer:/root/.clamtk/viruses$ cd 
> ./gdm.VIRUS.VIRUS.VIRUS.VIRUS.VIRUS
> bash: cd: ./gdm.VIRUS.VIRUS.VIRUS.VIRUS.VIRUS: Permission denied
> ray at RaysComputer:/root/.clamtk/viruses$
> 
> Once again, any help appreciated. There was a dd process running as weil 
> which I killed with terminal, as it could not be killed in System 
> Monitor. I do not normally see dd processes running on my system, so I 
> killed it.
> 
> [other than that, all things are running well with no anomalies that I see]
> 
> Later, Ray Parrish

I suppose the virus scanner has set the permissions so directory 
listning is disallowed.  You might need to set x for the directory by 
means of sudo.

Are you sure it is not just a false positive?


Carl Friis-Hansen