Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Do I have real viruses or not?

Discussion in 'General Discussion' started by lexmark, Apr 20, 2004.

  1. lexmark

    lexmark Well-Known Member

    Joined:
    Sep 10, 2003
    Messages:
    115
    Likes Received:
    0
    Trophy Points:
    166
    Hello, I did a trojan scan on my server and it displayed this:

    /dev/stderr



    Scanning for Trojan Horses.....


    Possible Trojan - /usr/bin/podchecker

    Possible Trojan - /usr/bin/pstruct

    Possible Trojan - /usr/bin/splain

    Possible Trojan - /usr/bin/xsubpp

    Possible Trojan - /usr/bin/pear


    5 POSSIBLE Trojans Detected


    I was told that sometimes the files are not trojans. Are these files trojans, and if they are what do I have to do? The reason I did a scan is because while I was logged into cpanel I accidently clicked on the link "Generate/Download a Full Backup" I clicked cancel but then my antivirus said it detected a trojan from that link. What do I have to do to fix this. Thanks
     
  2. midnightz

    midnightz Active Member

    Joined:
    Apr 25, 2003
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    151
  3. lexmark

    lexmark Well-Known Member

    Joined:
    Sep 10, 2003
    Messages:
    115
    Likes Received:
    0
    Trophy Points:
    166
    Thanks, will that fix it or just check the server?
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    22
    Trophy Points:
    463
    Location:
    Go on, have a guess
    It'll check the server for root kits (the things hackers use to abuse a compromised server).

    The trojan checker in WHM is, mostly, a waste of time as it mainly just gices false positives. You should use chkrootkit and run it regularly.

    Another similar too is Rootkit Hunter:

    http://www.rootkit.nl/projects/rootkit_hunter.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. lexmark

    lexmark Well-Known Member

    Joined:
    Sep 10, 2003
    Messages:
    115
    Likes Received:
    0
    Trophy Points:
    166
    Hello, I ran chrootkit and it said not infect and nothing deleted/found so I suppose I am ok :D
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice