Linux Lite Forums

General => Security & Bug Fixes => Topic started by: Alex on February 12, 2016, 07:57:00 AM

Title: ClamTK found a trojan
Post by: Alex on February 12, 2016, 07:57:00 AM
On a routine scan (ClamTK) of the LL I installed as a dual boot on my laptop I got the following result:

(http://thegomc.com/DPInew/image-AA72_56BDD5D7.jpg) (http://thegomc.com/DPInew/share-AA72_56BDD5D7.html)


Clam will not quarantine it nor delete it (them)

Any suggestions?

TYVM
Title: Re: ClamTK found a trojan
Post by: rokytnji on February 12, 2016, 08:14:33 AM
They are sitting in /home. Why don't you right click and delete them? Unless you want to know why clam won't delete or quarantine them.

Title: Re: ClamTK found a trojan
Post by: Alex on February 12, 2016, 08:56:28 AM
TY for the quick reply. I did right click on them and pressed delete. ClamTk said it could not delete them.
Title: Re: ClamTK found a trojan
Post by: Scott on February 12, 2016, 09:22:05 AM
Hi Alex

You may need administrator permissions to delete those files. I keyed in on 'recup_dir.1' in the file path and did a Google search on the term and found this:
https://askubuntu.com/questions/101162/unable-to-delete-recup-dir-1-folder (https://askubuntu.com/questions/101162/unable-to-delete-recup-dir-1-folder)

Does this help?

Scott
Title: Re: ClamTK found a trojan
Post by: DLX on February 12, 2016, 09:39:08 AM
Sorry Alex no help for you hope you not mind me asking a question.

Will files not run as win.trojan ?
I didn't think I had to worry about Virus on Linux !

Thanks
Title: Re: ClamTK found a trojan
Post by: liamjake05 on February 13, 2016, 01:00:22 PM
delete them from a live cd
Title: Re: ClamTK found a trojan
Post by: Wirezfree on February 13, 2016, 01:38:03 PM
Google them win.trojan.bancos-2115
Reported as False Positives for ClamAV
Update ClamAV virus definition
Many have been fixed already.
Title: Re: ClamTK found a trojan
Post by: Alex on February 19, 2016, 06:38:09 PM
thank you all for your help. Scott's link proved very useful and it solved the problem. The trojans appeared to do no harm while they were there, I suspect that they couldn't as they seemed to be DOS based.

alex