The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Do I have real viruses or not?

Discussion in 'General Discussion' started by lexmark, Apr 20, 2004.

  1. lexmark

    lexmark Well-Known Member

    Joined:
    Sep 10, 2003
    Messages:
    115
    Likes Received:
    0
    Trophy Points:
    16
    Hello, I did a trojan scan on my server and it displayed this:

    /dev/stderr



    Scanning for Trojan Horses.....


    Possible Trojan - /usr/bin/podchecker

    Possible Trojan - /usr/bin/pstruct

    Possible Trojan - /usr/bin/splain

    Possible Trojan - /usr/bin/xsubpp

    Possible Trojan - /usr/bin/pear


    5 POSSIBLE Trojans Detected


    I was told that sometimes the files are not trojans. Are these files trojans, and if they are what do I have to do? The reason I did a scan is because while I was logged into cpanel I accidently clicked on the link "Generate/Download a Full Backup" I clicked cancel but then my antivirus said it detected a trojan from that link. What do I have to do to fix this. Thanks
     
  2. midnightz

    midnightz Active Member

    Joined:
    Apr 25, 2003
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    0
  3. lexmark

    lexmark Well-Known Member

    Joined:
    Sep 10, 2003
    Messages:
    115
    Likes Received:
    0
    Trophy Points:
    16
    Thanks, will that fix it or just check the server?
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It'll check the server for root kits (the things hackers use to abuse a compromised server).

    The trojan checker in WHM is, mostly, a waste of time as it mainly just gices false positives. You should use chkrootkit and run it regularly.

    Another similar too is Rootkit Hunter:

    http://www.rootkit.nl/projects/rootkit_hunter.html
     
  5. lexmark

    lexmark Well-Known Member

    Joined:
    Sep 10, 2003
    Messages:
    115
    Likes Received:
    0
    Trophy Points:
    16
    Hello, I ran chrootkit and it said not infect and nothing deleted/found so I suppose I am ok :D
     
Loading...

Share This Page