Does my Debian box have a virus?

Discussion in 'OT Technology' started by DatacomGuy, Mar 10, 2005.

  1. DatacomGuy

    DatacomGuy is moving to Canada

    Joined:
    Oct 14, 2002
    Messages:
    16,546
    Likes Received:
    0
    Location:
    Tampa, FL
    I recently reformated my main PC (WinXP Pro) and obtained a virus shortly thereafter (few days ago) when I downloaded a questionable item (won't go into details)..This virus wrecked havoc on my main PC.. actually; it's been a nitemare including my router dying and everything.. very bizarre. I never even thought it would infect my debian machine, and maybe it hasn't. Here are the details:

    Upon checking free I see that I have 2% RAM left. Also I was able to install ClamAV but I can't run it for whatever reason.

    SSH works...apache works..mysql works.. I can connect to the site through any of these services but the resources are blown out.

    I don't have any active backups on this system which is my fault.. But what are my options? Any thoughts on what is wrong with system? IS it in fact a virus or is it something else?
     
  2. crontab

    crontab (uid = 0)

    Joined:
    Nov 14, 2000
    Messages:
    23,459
    Likes Received:
    12
    I'm not sure how your infected PC is related to your debian box. Is the OS installed on the same PC? On the same network? Beside, there is no windows virus that can infect linux, completely different platforms.

    What does top show? Or ps aux? Got any zombie or defunct processes? Anything in /var/log/messages?

    There are some nasty virii out there now. I downloaded a crack from altavista the other day and the sites it directed me to destroyed just about everything. Popup blockers and avast didn't do ish. I got it back up, but it isn't the same anymore. Archiving some stuff to cd before I rebuild. Was supposed to rebuild it 2 years ago...
     
  3. Rob

    Rob OT Supporter

    Joined:
    Jul 6, 2002
    Messages:
    88,631
    Likes Received:
    41
    Location:
    Atlanta, GA
    I highly doubt it. :o

    There isn't much RAM in that machine anyways is there? It isn't that unusual for the machine to be at full ram usage. :dunno:
     
  4. DatacomGuy

    DatacomGuy is moving to Canada

    Joined:
    Oct 14, 2002
    Messages:
    16,546
    Likes Received:
    0
    Location:
    Tampa, FL
    Same network, different box.. That's how I got this virus (on astalavista).. same thing. Pisses me off. :mad: Just as you say, its not the same..

    The machine has 160MB of physical memory and 500M swap file..

    http://24.161.244.110/sysinfo/

    Normally right after all the services load it's at about 25-35%. With this crap the second it boots up I'm at 98-99%.. I KNOW that's not right.

    TOP showed no bizarre processes or services.. everything looked right. Same with ps -aux.. nothing in the logs either.

    I finally got clamavd to scan and it found 4 infections.. it didn't mention if it cleaned them or what, but I rebooted and now I'm back down to 35% again.

    So bizarre.. but it's working again so :dunno:

    Now that that's out of the way, how do I back this beast up just in case of future problems? :p

    BTW, here is PS -AUX:
     
  5. Rob

    Rob OT Supporter

    Joined:
    Jul 6, 2002
    Messages:
    88,631
    Likes Received:
    41
    Location:
    Atlanta, GA
    Weird....what was the name of the virus clam found?
     
  6. DatacomGuy

    DatacomGuy is moving to Canada

    Joined:
    Oct 14, 2002
    Messages:
    16,546
    Likes Received:
    0
    Location:
    Tampa, FL
    It didn't say, that's another weird part..

    Also weird: I can get on OT from work? :confused:
     

Share This Page