Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

Hi i found some Malware with open clamav.

Started by Rival, March 13, 2019, 01:39:16 PM

Previous topic - Next topic

Rival

dmesg | grep random use this command to see something random. And if its an wrong file name for example alsactl for random file bytes i did got. Its possible you have malware. (alsactl isnt an package for debain its alsa-utils.)

And yeah malware can make your pc go Random numbers even more.

paxmark1

Sparky 4 or 5??   Other  important items.     What version of ClamAv.     Any problems identified via rkhunter  ?  There will be a few false positives for you to investigate.

Do you have alsa-tools installed.  if so  - then
http://www.linuxfromscratch.org/blfs/view/8.4/multimedia/alsa-utils.html

You do have alsactl.  I do not have alsa-tools installed. 

Been awhile.  Old fading memory is that clamav is best at keeping from sending windoze exploits to windoze friends via emails  etc.  There is alway a possibility of a false positive.  But looking at their website, it appears they do more now. 

The command; did you do it as user or sudo  (or in a root terminal)   

sudo dmesg | grep random                                                                                                                   
[sudo] password for paxmark:                                                                                                                                 
[    0.000000] random: fast init done                                                                                                                       
[    4.009524] random: crng init done       



But seriously,  post the command you entered  and the output - formatted as code

Document claims - Where did you get the information for your claims. 


Search forum for "More info easier via inxi"    If requested -  no inxi, no help for you by  me.

View the most recent posts on the forum