Trojan Horses Detected by (WHM)

DreamPhysix

Well-Known Member
Sep 30, 2009
78
0
56
I received an email from my cpanel server titled Trojan Horses Detected by (WHM) containing the following:
Hidden Pid detected! [pid 1876]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/sbin/rsyslogd]

Hidden Pid detected! [pid 1877]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/sbin/rsyslogd]

Hidden Pid detected! [pid 1897]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/named]

Hidden Pid detected! [pid 1898]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/named]

Hidden Pid detected! [pid 1899]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/named]

Hidden Pid detected! [pid 1900]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/named]

Hidden Pid detected! [pid 1901]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/named]

Hidden Pid detected! [pid 1902]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/named]

Hidden Pid detected! [pid 2002]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2003]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2004]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2005]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2007]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2008]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2009]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2010]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 2011]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 28432]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/clamd]

Hidden Pid detected! [pid 29598]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 30401]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 30408]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/usr/sbin/mysqld]

Hidden Pid detected! [pid 30430]
hidden from ps: [yes]
hidden from kernel: [yes]
binary location: [/sbin/rsyslogd]
This installation of cpanel is new so these are false positives. how do i fix this?
 

quietFinn

Well-Known Member
Feb 4, 2006
1,234
93
178
Finland
cPanel Access Level
Root Administrator