place to upload file for virus inspection?

Issues related to applications and software problems
Post Reply
edwardsmarkf
Posts: 51
Joined: 2012/07/06 23:57:24

place to upload file for virus inspection?

Post by edwardsmarkf » 2018/05/24 15:48:25

hello -

is anybody aware of a place to upload a file for virus inspection?

it passes the clamav test:

clamscan /home/DOMAIN.com/public_html/wp-admin/js/widgets/d643e4 ;
/home/DOMAIN.com/public_html/wp-admin/js/widgets/d643e4: OK

----------- SCAN SUMMARY -----------
Known viruses: 6518449
Engine version: 0.99.4
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.74 MB
Data read: 0.73 MB (ratio 1.01:1)
Time: 53.530 sec (0 m 53 s)

but i still wonder what it is and where it came from.

i see the following in "top":

22003 compton+ 20 0 389304 5152 404 S 33.2 0.2 6:23.48 d643e4


and followed it further here:

# ps aux | grep 22003 ;

compton+ 22003 19.7 0.1 389304 5152 ? Ssl 11:13 6:27 /home/DOMAIN.com/public_html/wp-admin/js/widgets/d643e4

# ls -ltr /home/DOMAIN.com/public_html/wp-admin/js/widgets/d643e4 ;

-rwxr--r-- 1 DOMAIN.com DOMAIN.com 773516 May 24 11:13 /home/DOMAIN.com/public_html/wp-admin/js/widgets/d643e4

and a special thank-you to Trevor for always being patient with my silly questions.

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: place to upload file for virus inspection?

Post by avij » 2018/05/24 15:55:48


edwardsmarkf
Posts: 51
Joined: 2012/07/06 23:57:24

Re: place to upload file for virus inspection?

Post by edwardsmarkf » 2018/05/24 16:49:11

interesting results:
ESET-NOD32 -- a variant of Linux/CoinMiner.AE potentially unwanted

Kaspersky -- not-a-virus:HEUR:RiskTool.AndroidOS.Miner.b

ZoneAlarm -- not-a-virus:HEUR:RiskTool.AndroidOS.Miner.b
i also looked here: https://ma.ttias.be/how-to-identify-the ... linux-box/

it turns out this rogue process was in communication with a foreign country!

Post Reply