The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Ran Virus Scan, but in doubts

Discussion in 'General Discussion' started by Parahosting, Oct 31, 2007.

  1. Parahosting

    Parahosting Well-Known Member

    Joined:
    Apr 6, 2007
    Messages:
    57
    Likes Received:
    0
    Trophy Points:
    6
    Code:
    Appears Clean
    
    
    /dev/core
    /dev/stderr
    
    
    Scanning for Trojan Horses.....
    .
    .
    .
    
    Possible Trojan - /usr/bin/cpan
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/bin/instmodsh
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/bin/prove
    .
    
    Possible Trojan - /usr/bin/psed
    .
    
    Possible Trojan - /usr/bin/pstruct
    .
    
    Possible Trojan - /usr/bin/s2p
    .
    
    Possible Trojan - /usr/bin/splain
    .
    
    Possible Trojan - /usr/bin/xsubpp
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /etc/cron.daily/logrotate
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/sbin/antirelayd
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/sbin/pureauth
    .
    
    Possible Trojan - /etc/init.d/webmin
    .
    
    Possible Trojan - /usr/bin/Magick-config
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/lib/libMagick.la
    .
    .
    .
    
    Possible Trojan - /usr/lib/libWand.la
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/bin/xmlcatalog
    .
    
    Possible Trojan - /usr/bin/xmllint
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/lib/python2.3/site-packages/libxml2mod.la
    .
    
    Possible Trojan - /usr/lib/python2.3/site-packages/libxml2mod.so
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/bin/xml2-config
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/lib/libxml2.la
    .
    .
    .
    .
    .
    
    Possible Trojan - /usr/bin/Wand-config
    .
    
    Possible Trojan - /usr/bin/animate
    .
    
    Possible Trojan - /usr/bin/compare
    .
    
    Possible Trojan - /usr/bin/composite
    .
    
    Possible Trojan - /usr/bin/conjure
    .
    
    Possible Trojan - /usr/bin/convert
    .
    
    Possible Trojan - /usr/bin/display
    .
    
    Possible Trojan - /usr/bin/identify
    .
    
    Possible Trojan - /usr/bin/import
    .
    
    Possible Trojan - /usr/bin/mogrify
    .
    
    Possible Trojan - /usr/bin/montage
    .
    .
    .
    .
    
    Possible Trojan - /usr/bin/mysqlhotcopy
    33 POSSIBLE Trojans Detected
    
    




    I ran a virus scan today, and most files that I see, seem clean. But, here are the few files I'm having trouble deciding are viruses:


    I'm pretty new to virus experiencing in Linux, so I wouldn't know any better, but most of the time, I can just decide if they are viruses.
     
  2. dv2support

    dv2support Member
    PartnerNOC

    Joined:
    Oct 9, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    You are more likely to have hacks in certain folders such as /tmp than a virus on Linux.

    Try editing the files to see what they do. You can also run:

    to see what type of file it is

    also see hidden files and check for file owner ship with
    ls -lah /foldername

    You should hire a server management company until you feel comfortable. Check out http://eth0.us for security tips.
     
Loading...

Share This Page