Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

7 POSSIBLE Trojans Detected

Discussion in 'General Discussion' started by mrcancel, Jun 8, 2007.

  1. mrcancel

    mrcancel Registered

    Joined:
    Jun 4, 2007
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    151
    Hello,
    Sorry for my english and my newbie !
    I have proceed scan for trojans on WHM and result below :
    Please help me explain them for me ! They are trojans or not ???
    Thanks you !
     
  2. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    655
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Canada
    Run rkhunter and chkrootkit, instead through shell. The trojan scanner in WHM is junk.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    But but but ... the trojan scanner in cpanel IS junk!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. DaemonLee

    DaemonLee Member

    Joined:
    Jul 8, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    151
    It very much is, junk.


    I 2nd the recommendations on chrootkit and rkhunter. Please use the aforementioned and then get back to us.
     
  5. Daniel15

    Daniel15 Well-Known Member

    Joined:
    Oct 7, 2006
    Messages:
    85
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Palo Alto, CA (originally Melbourne, Australia)
    cPanel Access Level:
    Website Owner
    Twitter:
    Yep, it's definitely junk... Here's what it returned for me:
    None of those files are trojans, I checked them myself.

    Yep, those dots it returns are quite useful :P
     
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    22
    Trophy Points:
    463
    Location:
    Go on, have a guess
    The reason you get so many false-positives is that you have OS vendor installed rpms which cPanel overwrites with copies compiled from source. The Trojan function simply performs an rpm -V on the rpm database and reports the inconsistencies that this causes.

    For that reason, it isn't that much practical use and you're better off using a tool that monitors for binary/library file changes.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice