infected files in virtfs

J

jlewis504

Registered
Mar 22, 2017
1
0
1
Oklahoma City, OK
cPanel Access Level
Root Administrator
A recent security scan showed that I have infected files in the virtfs folder. As I understand simply removing the files is not an option as any files that are mounted to the file will also be removed and will create an even bigger issue. My server provider recommends a complete rebuild of the OS. This is not something I want to do. I have used clamav for the security scan and below is a copy of some of the results. How do I determine if this could be a false positive and what options do I have other than rebuilding the OS for removal?

home/virtfs/savanaux/usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff: Win.Exploit.CVE_2016_7282-3 FOUND
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

Does the scan show the same result for the /usr/local/cpanel/cpaddons/cPanel/Blogs/WordPress/upgrade/4.5.3_4.6/diff file outside of the virtfs path?

You can also review the following documents for instructions on how to remove a user's jailed shell environment:

VirtFS - Jailed Shell - Documentation - cPanel Documentation

Thank you.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
psytanium SOLVED Can't delete or rename folders, plus infected files keep showing Security 22
J Site keeps on getting hacked - infected files Security 6
K infected files detected in /tmp - how to find actual file name and path Security 5
R Infected Files Sending Spam Everyday Security 2
S 48 Infected Files in /usr Directory Security 0
Similar threads
SOLVED Can't delete or rename folders, plus infected files keep showing
Site keeps on getting hacked - infected files
infected files detected in /tmp - how to find actual file name and path
Infected Files Sending Spam Everyday
48 Infected Files in /usr Directory
Top Bottom