[clamav-users] Installing question

MOHAMED OMAR MAKRAM adamupaccounting at gmail.com
Wed Mar 27 12:05:02 EDT 2019


I do not know if the virus is on the server, in the files, or in the db.
Here is what I know:
Under each folder of each site, files appear with a name such as:
f68z319m.php
When visitors go to my websites, they get a message that the site is
unsecured

Does this information help identify the issue, or where to look for the
virus?

Thank you. I am really desperate for help.

On Wed, Mar 27, 2019 at 8:47 AM Micah Snyder (micasnyd) via clamav-users <
clamav-users at lists.clamav.net> wrote:

> I agree with What J.R. said regarding "bigger issues". ClamAV and other
> anti-malware tools may help you detect malware before it runs on your
> machine, but it is not sufficient to get rid of it if your system has
> already been compromised.  It  would be safest to rescue your data offline
> and reinstalling your operating system from scratch.  Hopefully you have
> backups you can revert to, if a fresh reinstall isn't an option for you.
> This is personal advice, and I take no responsibility for any data loss you
> may incur.  This mailing list is also not the best avenue for incident
> response advice.
>
> For those wishing to use ClamAV, we do have step by step instructions to
> install ClamAV for a handful of operating systems using the materials we
> publish:
>
> Windows - http://www.clamav.net/documents/installing-clamav-on-windows
> <https://llink.to/?u=http:%2F%2Fwww.clamav.net%2Fdocuments%2Finstalling-clamav-on-windows&e=15d0a2184627e24f99c03314c699fb85>
> Debian & Ubuntu -
> https://www.clamav.net/documents/installation-on-debian-and-ubuntu-linux-distributions
> <https://llink.to/?u=https:%2F%2Fwww.clamav.net%2Fdocuments%2Finstallation-on-debian-and-ubuntu-linux-distributions&e=15d0a2184627e24f99c03314c699fb85>
> Redhat & CentOS -
> https://www.clamav.net/documents/installation-on-redhat-and-centos-linux-distributions
> <https://llink.to/?u=https:%2F%2Fwww.clamav.net%2Fdocuments%2Finstallation-on-redhat-and-centos-linux-distributions&e=15d0a2184627e24f99c03314c699fb85>
> macOS - https://www.clamav.net/documents/installation-on-macos-mac-os-x
> <https://llink.to/?u=https:%2F%2Fwww.clamav.net%2Fdocuments%2Finstallation-on-macos-mac-os-x&e=15d0a2184627e24f99c03314c699fb85>
>
> Regards,
> Micah
>
> On 3/27/19, 9:37 AM, "clamav-users on behalf of J.R. via clamav-users" <
> clamav-users-bounces at lists.clamav.net
> <https://llink.to/?u=mailto:clamav-users-bounces%40lists.clamav.net&e=15d0a2184627e24f99c03314c699fb85>
> on behalf of clamav-users at lists.clamav.net
> <https://llink.to/?u=mailto:clamav-users%40lists.clamav.net&e=15d0a2184627e24f99c03314c699fb85>>
> wrote:
>
>     > I am new here and I don't know how to use drush or command line. Can
> I
>     > still install clamav? Is there an installation guide for absolute
> beginners
>     > like me?
>
>     What OS? Windows there is an exe that has a GUI. Linux distro's
>     typically have their own packages which you would install through your
>     OS's package manager.
>
>     There's lots of guides out there, just have to google...
>
>     > I have a virus on my server and I have no idea where to begin to get
> rid of
>     > it. I have four sites, all are personal sites and all are drupal.
>
>     If drupal got exploited, you are going to have bigger issues and
>     probably more than what ClamAV will find.
>
>     _______________________________________________
>
>     clamav-users mailing list
>     clamav-users at lists.clamav.net
> <https://llink.to/?u=mailto:clamav-users%40lists.clamav.net&e=15d0a2184627e24f99c03314c699fb85>
>     https://lists.clamav.net/mailman/listinfo/clamav-users
> <https://llink.to/?u=https:%2F%2Flists.clamav.net%2Fmailman%2Flistinfo%2Fclamav-users&e=15d0a2184627e24f99c03314c699fb85>
>
>
>     Help us build a comprehensive ClamAV guide:
>     https://github.com/vrtadmin/clamav-faq
> <https://llink.to/?u=https:%2F%2Fgithub.com%2Fvrtadmin%2Fclamav-faq&e=15d0a2184627e24f99c03314c699fb85>
>
>     http://www.clamav.net/contact.html#ml
> <https://llink.to/?u=http:%2F%2Fwww.clamav.net%2Fcontact.html%23ml&e=15d0a2184627e24f99c03314c699fb85>
>
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> <https://llink.to/?u=mailto:clamav-users%40lists.clamav.net&e=15d0a2184627e24f99c03314c699fb85>
> https://lists.clamav.net/mailman/listinfo/clamav-users
> <https://llink.to/?u=https:%2F%2Flists.clamav.net%2Fmailman%2Flistinfo%2Fclamav-users&e=15d0a2184627e24f99c03314c699fb85>
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> <https://llink.to/?u=https:%2F%2Fgithub.com%2Fvrtadmin%2Fclamav-faq&e=15d0a2184627e24f99c03314c699fb85>
>
> http://www.clamav.net/contact.html#ml
> <https://llink.to/?u=http:%2F%2Fwww.clamav.net%2Fcontact.html%23ml&e=15d0a2184627e24f99c03314c699fb85>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190327/bb725c95/attachment.html>


More information about the clamav-users mailing list