The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

delete virus by clamav

Discussion in 'Security' started by osama.alani, Jun 27, 2013.

  1. osama.alani

    osama.alani Member

    Joined:
    Oct 21, 2012
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hello,
    by this command i can scan my server from shell

    clamscan --infected --recursive /home/

    what is the command to delete virus by clamav for specific domain

    and what is the command for the whole domains please ?


    Thanks for help
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    To delete the infected files from specific domain, Please try with the following command


    And try following command to scan all domains files

     
  3. osama.alani

    osama.alani Member

    Joined:
    Oct 21, 2012
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    thank you
    but when i tried to delete infected files it tell me that file can't be removed

    what shall i do please ?

    Thanks
     
  4. faisikhan

    faisikhan Well-Known Member

    Joined:
    Dec 12, 2011
    Messages:
    88
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Islamabad, Pakistan
    cPanel Access Level:
    Root Administrator
    What command did you try to delete the infected files?
     
  5. HostingH

    HostingH Well-Known Member

    Joined:
    Jan 13, 2008
    Messages:
    73
    Likes Received:
    3
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello,

    Check the permissions/ownership like attributes.

    clamscan /home/USERNAME/public_html -ir --remove=yes >> This command scans and cleans the viruses or files.
    You can also use Maldet for scanning the account or servers.
     
  6. stdout

    stdout Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    189
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Nelspruit, Mpumalanga, South Africa
    cPanel Access Level:
    Root Administrator
    Either you aren't root OR the file(s) were deliberately made immutable using chattr.
    Have you tried removing removing the immutable flag on the file(s) yet? eg. "chattr -ia filename.ext"

    The chattr command does accept the -R (recursive) flag.

     
  7. osama.alani

    osama.alani Member

    Joined:
    Oct 21, 2012
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    hello, i'm using

    clamscan -ir --remove /home/

    to remove and it really removed some files but some other can't be removed
    i have no idea what to do

    Thanks
     
  8. stdout

    stdout Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    189
    Likes Received:
    5
    Trophy Points:
    18
    Location:
    Nelspruit, Mpumalanga, South Africa
    cPanel Access Level:
    Root Administrator
    Have you tried changing the attributes on the file(s) you cannot remove?
    You can verify IF a file is immutable by listing the file using "lsattr <filename>".

    ie. "lsattr /home/username/thisfile.php"
     
  9. osama.alani

    osama.alani Member

    Joined:
    Oct 21, 2012
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,
    everything is done , now my server 100% free of trojans
    i just did it many times and now it say free of viruses

    thanksa lot for help
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    654
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You may want to consider moving or quarantining the files in the future instead of deleting them. This will allow you to review the files, or backup certain aspects of the files if necessary.

    Thank you.
     
Loading...

Share This Page