Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

infected files in virtfs

Discussion in 'Security' started by jlewis504, Mar 22, 2017.

Tags:
  1. jlewis504

    jlewis504 Registered

    Joined:
    Mar 22, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Oklahoma City, OK
    cPanel Access Level:
    Root Administrator
    A recent security scan showed that I have infected files in the virtfs folder. As I understand simply removing the files is not an option as any files that are mounted to the file will also be removed and will create an even bigger issue. My server provider recommends a complete rebuild of the OS. This is not something I want to do. I have used clamav for the security scan and below is a copy of some of the results. How do I determine if this could be a false positive and what options do I have other than rebuilding the OS for removal?

    home/virtfs/savanaux/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND
     
    #1 jlewis504, Mar 22, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,659
    Likes Received:
    1,428
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Does the scan show the same result for the /usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff file outside of the virtfs path?

    You can also review the following documents for instructions on how to remove a user's jailed shell environment:

    VirtFS - Jailed Shell - Documentation - cPanel Documentation

    Thank you.
     
    #2 cPanelMichael, Mar 23, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - infected files virtfs
  1. chetanmadaan

    Investigating Malware infected websites questions

    chetanmadaan, Mar 10, 2017, in forum: Security
    Replies:
    3
    Views:
    345
    cPanelMichael
    Mar 12, 2017
  2. remcie

    Infected Wordpress website

    remcie, Mar 1, 2016, in forum: Security
    Replies:
    4
    Views:
    1,013
    rregister
    Mar 4, 2016
  3. SysNet

    New Thread How does cPanel remove session expired files

    SysNet, Oct 23, 2017 at 7:35 AM, in forum: General Discussion
    Replies:
    0
    Views:
    30
    SysNet
    Oct 23, 2017 at 7:35 AM
  4. Jenilia Joseph

    why is there no files in my cPanel?

    Jenilia Joseph, Oct 11, 2017, in forum: General Discussion
    Replies:
    5
    Views:
    92
    cPanelMichael
    Oct 12, 2017
  5. 4u123

    EA4 adding wrong stuff to htaccess files

    4u123, Oct 5, 2017, in forum: EasyApache
    Replies:
    7
    Views:
    127
    cPanelMichael
    Oct 6, 2017

Share This Page