The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trojan Horses detected on a clean install

Discussion in 'General Discussion' started by mpkossen, Aug 31, 2011.

  1. mpkossen

    mpkossen Member

    Joined:
    Jul 19, 2010
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I've installed cPanel on a new, clean VPS (immediately after the OS was loaded) and after each ucpc run, I get the following e-mail:

    I have already run chkrootkit and rkhunter, which both said not much was going on. I even reinstalled the server once (complete OS reload and reinstall of cPanel), but to no avail. I've search for a recent thread regarding this, but haven't found anything to ease my thoughts about this (most threads are over 4 years old and the recent ones haven't got the same affected applications).

    Any idea if I should be worried and what might be causing this?
     
    #1 mpkossen, Aug 31, 2011
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,622
    Likes Received:
    24
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Is this the exact contents of the email? Could you post the header of the email as well?
     
    #2 cPanelTristan, Aug 31, 2011
  3. mpkossen

    mpkossen Member

    Joined:
    Jul 19, 2010
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    This the the full e-mail. I've removed my e-mail addresses and server name from the headers (replaced with placeholders):

     
    #3 mpkossen, Aug 31, 2011
  4. ES - George

    ES - George Well-Known Member
    PartnerNOC

    Joined:
    Jun 12, 2011
    Messages:
    142
    Likes Received:
    2
    Trophy Points:
    16
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    You must consider the possibility of false positives. I have several Trojan Horses apparently detected by WHM, one of which is a fresh installation of WHMCS, others which are the default versions of core system files.
     
    #4 ES - George, Sep 1, 2011
  5. mpkossen

    mpkossen Member

    Joined:
    Jul 19, 2010
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I was thinking the same, that it are all false positives. However, I'd like to be sure they are and if they are, they should not be detected as Trojans.
     
    #5 mpkossen, Sep 1, 2011
(You must log in or sign up to post here.)
Loading...
Similar Threads - Trojan Horses detected
  1. nightownl

    libkeyutils.so.1.3.1 trojan false positive?

    nightownl, Apr 9, 2017, in forum: Security
    Replies:
    2
    Views:
    64
    nightownl
    Apr 9, 2017

Share This Page