comodo anti virus
Any one else get this message from comodo anti virus program?
Malware@#30wnk9b93bae3 /usr/lib64/totem/plugins/grilo/totem-grilo.conf
3 Answers
I don't use comodo antivirus on Fedora, but can give you a few pointers.
First, Comodo antivirus is a third party proprietary product. Your best venue for support for such products is from the place you got it from.
I don't have this file on my system, or any package in the configured repos that would provide it. Check if you have a third party repo that provides it with repoquery -qf /usr/lib64/totem/plugins/grilo/totem-grilo.conf to get the name of the package. If it is packaged, rpm -V $packagename will verify that the package's contents have not been altered.
That still leaves you with the question of whether the file is actually malware. If this were an open source package, you could look at the software's sources to verify it isn't doing anything malicious. (Note, btw, that you probably cannot do this with comodo!). If the package would have come from the Fedora repositories, you would have the further assurance that the code and package had been reviewed by Fedora maintainers.
For the most part, any concerns about bad actors (outside of your home directory, anyway) are typically mitigated on Fedora by restricting yourself to trusted, transparent software sources, careful use of administrative privileges, and built-in security features like SELinux.
Found it. Comodo anti-virus is using the core dump '/var/lib/systemd/coredump/.core.cmgdaemon.0.973ae84158de44c3b54cc922b157797b.838.14256315200000004d0c6ba703c2db67: Exploit.JS.HTML-2 FOUND' as the quarantine directory. Cool, when I run the Clamav anti-virus program, it finds the quarantine directory, and my command line moves the virus to the trash. All is good on Fedora.
I believed that your questions was answered, but one more thing.
Linux users normally used limited user accounts and became the root user only when necessary. Linux also has other security features, like AppArmor and SELinux.
Also if there is a partitions that you need to scan in a dual boot machine you will need ClamTk.
Regards,
Stats
Asked: 2015-02-21 10:56:51 -0600
Seen: 1,134 times
Last updated: Mar 07 '15
Man; Comodo Antivirus?; surely all use a proprietary Antivirus here haha
Guess what, Fedora 21 & Clamav, just said that cmgdaemon has a virus. I moved it to quarantine and it vanished. Strange, I'll have to find that file to check it out. I'll run Clamscan again to find it. Found it. ".core.cmgdaemon.0.2a145ef0d4844cfdba5539ed6407edb3.843.1424601835000000828b506bf4715b8d" That's two that I've found, I've been running Clamav for quiet a while, and never found any virus at all. Comodo just ran one time, and I've found it in the Fedora install.