Questions tagged [malware]
Malware is any software application which subverts the will of the legitimate owner of a computer, by means of force or subterfuge, with or without personal or monetary gain on the part of the creator.
338 questions
0 votes, 1 answer, 52 views
Nginx 404 - Nginx redirecting every page to 404 not found (nginx 404 page) for all of the sites with html status code 200
My Ubuntu web server was running production sites just normal with nginx and some PHP and python applications. Just about 2 days ago, it started redirecting to 404 Not Found Page for all the sites ...
0 votes, 1 answer, 134 views
Windows Server 2019 printer cannot be shared due to remote connections blocked
Yesterday all domain clients lost connectivity to a printer share on Windows Server 2019.
Printer is used by domain clients via print share, and is available via Active Directory.
After trying many ...
0 votes, 0 answers, 116 views
ClamAV scanning remote hosts from windows server
I am trying to find a way for ClamAV to scan remote hosts on my LAN and possibly automate this so it runs every night, I have around 10 - 15 VMs I'd like to scan and get reports for. I have installed ...
0 votes, 0 answers, 47 views
Ubuntu high processor utilization with no identifiable processes consuming processor [duplicate]
Ubuntu host with 100% utilization in top or htop.
When I inspect the running processes, I don't see a process consuming a significant amount of CPU resources.
I've tried using commands like top, htop, ...
0 votes, 2 answers, 160 views
How to wipe and completely reinstall all firmware on MikroTik router?
I have a brand new MikroTik router that behaves strangely out of the box (came with RouterOS version 7.11, upgraded to 7.14.1, default admin account disabled) - even when its configuration is ...
1 vote, 1 answer, 311 views
Is there a tool like ClamAV to scan PHP and JS files?
We're offering a shared web hosting service, where many websites live on the same server.
Since a lot of people don't update their stuff, they get pirated all the time. Now, the websites are ...
0 votes, 0 answers, 29 views
Kill a malware process running in the background [duplicate]
I have a WordPress site sitting on a Docker container which was infected by malware. I noticed that when I try to remove the malware, it comes back again after a few seconds. When I run a process ...
0 votes, 0 answers, 31 views
/usr/lib/sys/sysinit is it a virus [duplicate]
I have a little experience in managing a Debian server.
In the last few days I found strange behaviour from my apache2 host web app
in terms of failure to upload files with "UPLOAD_ERR_NO_TMP_DIR: ...
0 votes, 0 answers, 44 views
Centos :: Can't delete file with "rm" under "/", operation is not permitted [duplicate]
I have a CentOS server. It has been hacked. There are some malicious files under "/", like "/11db32e5"; the AV scanner says it is a "HackTool/Linux.CoinMiner.n". But I cannot ...
0 votes, 0 answers, 101 views
Cuckoo sandbox - Failure in AnalysisManager.run
I have cuckoo running on Debian 10 with an Ubuntu guest VM. I submit a file for analysis, it runs and says "reported" but the report loads a 404 page. I see the following on the cuckoo ...
0 votes, 0 answers, 29 views
Someone installed a cryptominer on my Ubuntu server [duplicate]
It seems someone gained access to my Ubuntu server and installed a cryptominer. This user added a crontab for the user "git" on my server. I disconnected the server from the internet and I ...
-1 votes, 1 answer, 2k views
ClamAV detected Win.Virus.Expiro-10004389-0 malware on Ubuntu instance in Conda package
Today ClamAV scanned my AWS instances and detected infected files on each. It looks like a false positive for several reasons:
All these files were created in 2021 (why were they detected only now?) ...
10 votes, 4 answers, 7k views
ClamAV detected Kaiji malware on Ubuntu instance
Today ClamAV scanned my AWS instances and detected 24 infected files on each.
It looks like a false positive for several reasons:
All these files were created in October 2022 (why were they detected ...
0 votes, 0 answers, 102 views
How does pandora.x86 infect cloud servers?
We have a cloud server instance hosted at Vultr. A previous instance at this provider was infected by pandora.x86 a few weeks ago, causing 100% CPU load and over 1TB of traffic. (We believe it is ...
0 votes, 2 answers, 52 views
Why not nuke a machine after malware cleanup? [closed]
So this is a noob question.
Why do we perform a clean up on a machine that has been infected with malware and not nuke it directly instead? I understand that in some situations this would not be ...