ClamAV found many threats; What do I do now?
by derezion from LinuxQuestions.org on (#50K2Q)
ClamTK/ClamAV found so many threats... What should I do now?
So I did a full scan with ClamTK. I scanned for everything including PUAs using my standard account on Ubuntu. ClamTK found a lot of threats. It could have been a little over a hundred. It showed me a list of results and gave me three options at the bottom: Quarantine, Delete, and Analysis, and then it had three columns: File, Status, and Action Taken. The thing is the Quarantine option didn't seem to do anything most of the time. When I deleted a file it would be marked as deleted in the results window under Action Taken. Anyway, the first half of the threats it reported were in
/usr/lib/libreoffice/share/basi...
I didn't want LibreOffice to stop working so these are the files I tried to quarantine. They had things like PUA.Tool.LibreOffice... in the status.
The threats were from three primary sources: LibreOffice system files (I assume), files including js files from webpages I saved on this machine, and old Windows programs I backed up on this computer.
Some of the stuff found:
# In Saved pages:
PUA.Doc.Tool.LibreOfficeMa...
PUA.Html.Trojan.Agent-3707...
PUA.Pdf.Trojan.EmbeddedJavascript...
# In Downloaded Windows apps
PUA.Win.Adware.Slugin-680...
PUA.Win.Downloader.Aiis-68...
PUA.Win.Malware.Speeding...
PUA.Win.Packer.InnoInstaller...
I could go on.
With the LibreOffice files I tried to quarantine all of them but everything else (the files from saved web pages and Windows programs) I deleted.
Where do I go from here? FYI: I was going to set up a dual boot soon and wipe out this hard drive soon with my brother anyway but I don't know when that will be.

