
Clamav Begin - virus detected

Posted: Mon Sep 10, 2012 4:53 am
by mist_firefly
Hi,

Had these for a couple of days on the logwatch on Plesk and need to find out how to fix it.

--------------------- Clamav Begin ------------------------

Viruses detected:
Atomicorp.honeypot.hex.php.cmdshell.unclassed.344.UNOFFICIAL: 24 Time(s)
......................................................................................................................

Any ideas? (what it means, what type of virus, where to find the information, what to do next)

Thanks

Re: Clamav Begin - virus detected

Posted: Mon Sep 10, 2012 1:20 pm
by scott
That log is incomplete, so there isn't really any information in it. Did it actually write to syslog like that?

Re: Clamav Begin - virus detected

Posted: Mon Sep 10, 2012 5:00 pm
by mikeshinn
I think that's the message from logwatch.

So ASL will display any clamav messages in the ASL GUI, along with any details. Please log into ASL, search in the events window for any clamav events, and let us know what you see.

Re: Clamav Begin - virus detected

Posted: Tue Sep 11, 2012 10:40 am
by mist_firefly
Not exactly sure what to look for in the ASL events as clamav has many entries.

Could you advise me please?
This mention in logwatch has been going on for more than a month.

Re: Clamav Begin - virus detected

Posted: Tue Sep 11, 2012 2:50 pm
by mikeshinn
Thanks for the question, so you can search for clamav events a couple of different ways:

1) search for the word "clam" in the ASL gui

2) You can search for the specific rule IDs that are used for malware; 52502 is the big one.
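Added example, not part of the thread and not ASL's own tooling: the logwatch summary above gives only a signature name and a count, so this sketch recovers which files produced the hits. It assumes detections are available in the standard clamd/clamscan `path: Signature FOUND` line format; the sample log lines, paths and the function names are constructed for illustration.

```shell
#!/bin/sh
# Signature name copied from the logwatch summary in the first post.
SIG='Atomicorp.honeypot.hex.php.cmdshell.unclassed.344.UNOFFICIAL'

# Constructed sample input (timestamps and paths are made up).
sample_log() {
cat <<'EOF'
Mon Sep 10 03:10:01 2012 -> /var/www/vhosts/example.com/httpdocs/img/a.php: Atomicorp.honeypot.hex.php.cmdshell.unclassed.344.UNOFFICIAL FOUND
Mon Sep 10 03:10:02 2012 -> /var/www/vhosts/example.com/httpdocs/index.php: OK
Mon Sep 10 04:10:01 2012 -> /var/www/vhosts/example.com/httpdocs/img/a.php: Atomicorp.honeypot.hex.php.cmdshell.unclassed.344.UNOFFICIAL FOUND
Mon Sep 10 04:10:05 2012 -> /var/www/vhosts/example.org/httpdocs/up load/b.php: Atomicorp.honeypot.hex.php.cmdshell.unclassed.344.UNOFFICIAL FOUND
/tmp/mail.eml: Eicar-Test-Signature FOUND
EOF
}

# hits_for_sig SIGNATURE < log
# Prints "count<TAB>path" for every file flagged with exactly that signature,
# most frequently flagged file first.
hits_for_sig() {
  awk -v sig="$1" '
    / FOUND$/ {
      line = $0
      sub("^[^/]* -> ", "", line)   # drop clamd timestamp prefix, if present
      sub(" FOUND$", "", line)
      # Signature names contain no spaces, so split at the last ": ".
      if (match(line, ": [^ ]+$")) {
        name = substr(line, RSTART + 2)
        path = substr(line, 1, RSTART - 1)
        if (name == sig) count[path]++   # exact match, not substring
      }
    }
    END { for (p in count) printf "%d\t%s\n", count[p], p }
  ' | sort -rn
}

# Demo run on the constructed sample; replace sample_log with your own
# clamd log or saved clamscan output.
sample_log | hits_for_sig "$SIG"
```

A file that appears scan after scan is still on disk and is the one to inspect first; the total across files should add up to the count logwatch reported for the same period.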