Klamav "Virus Found" Question

Based on some other threads saying that while viruses weren’t a problem in Linux, there have been some efforts to cause problems, I downloaded klamav and clamav this morning. I told Klamav to scan the drive and it came up with the following.

https://lh3.googleusercontent.com/-AQUvHWsI3t0/TvuAljO1htI/AAAAAAAABoU/FIFyBEOLUU8/s640/klamav%2520events.jpeg

I have a hard time believing those “viruses” are for real. Klamav wanted to quarantine them, but I told it to do nothing till I can hear from you. I have a great working openSUSE 12.1 KDE system. I’d like to keep it that way. (If this was a Windows system I was scanning, I’d believe the worst and not question the finds.) BTW, Thunderbird was running at the time, so that could be the cause of the two Thunderbird “viruses”.

Here are the scanning options I’m using. They are the defaults. Are these set the way you’d recommend? If not, what changes would you make?

https://lh4.googleusercontent.com/-nWXKLO28ZrY/TvuAjPTkJ9I/AAAAAAAABoU/1XzMXuVNtSI/s685/klamav%2520options.jpeg

Thanks for your help on this.

Chris

They are not viruses.

I wouldn’t bother using it. You’ll worry yourself to distraction.

On 12/28/2011 09:56 PM, crypkema wrote:
> what changes would you make?

use YaST > Software Management to uninstall klamav…

it is 100% waste of time–unless you feel it your duty to help your
fellow man protect their Windows machine…

if you want to help them do that, then advise them to not boot it, ever.

i have used Linux off and on from 1998, and exclusively from about
2002…and, i have not had a virus since i left Windows, in 1995.

i do not have any AV on this machine, or the one before, or before, or
before, etc etc all the way back to 1995.


DD
openSUSE®, the “German Engineered Automobiles” of operating systems!

On 2011-12-28 21:56, crypkema wrote:
> Here are the scanning options I’m using. They are the defaults. Are
> these set the way you’d recommend? If not, what changes would you
> make?

I don’t know the definition of “broken executable”. And the “treat
encrypted files as suspicious” is also “suspicious” itself.

With those options active it also complains on my /boot.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

You said you have read threads about this “viruses on Linux” subject. But either these were lousy threads or you did not understand them.

There are no known viruses for Linux. Thus how can any anti-virus software claim to be able to find their footprints? Anti-virus software compares file content with known patterns of viruses. That is why this anti-virus software has databases with those patterns/footprints that are to be updated daily. When nobody knows about any Linux virus, there can be no such patterns in that database. Thus searching in your Linux system files (and user files that never are touched by Windows) is fruitless.

Only thing you can do is search files that come and go to Windows systems (like when you have a mail server). Not to protect your Linux system (because Windows viruses are incompatible with Linux), but to protect your fellow Windows users.

Hope this helps in your understanding.

I stumbled upon this thread titled [“wine HQ Hacked”](http://forums.opensuse.org/english/other-forums/news-announcements/tech-news/466332-wine-hq-hacked.html) yesterday before installing Klamav and later starting this thread because of what it found. Number 1 below didn’t bother me at all. I don’t have any nuclear reactors in my home. Number 2 and 3 though did catch my attention. I probably just did not understand. :wink:

Chris

Being hacked is nothing to do with viruses.

On 2011-12-29 21:16, crypkema wrote:

>> 2. a month or so ago, the Linux kernel.org is cracked by unknown
>> attackers (intentions not clear, damage unknown)

But not by a virus. Nothing that clamav would detect.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

There are viruses for Linux. Developed by Kaspersky, in their labs. The only thing about them is that they have to be executed by hand by root and stop working after a reboot. Kaspersky used to publish about this approx. once a year. Guess they stopped. This does not mean there’s no malware at all for linux, but clamav is not going to help you there.

I join the advice: the best way for clamav is to uninstall it and not bother about viruses.