Results 1 to 3 of 3
  1. #1
    Join Date
    Mar 2004
    Posts
    78

    WHM trojan scan?? Accurate?

    /dev/stderr



    Scanning for Trojan Horses.....


    Possible Trojan - /usr/bin/podchecker

    Possible Trojan - /usr/bin/pstruct

    Possible Trojan - /usr/bin/splain

    Possible Trojan - /usr/bin/xsubpp

    Possible Trojan - /usr/bin/pear


    5 POSSIBLE Trojans Detected
    That is what I got on my whm trojan scan.. can anyone tell me more about theses?

    Thanks a million.

  2. #2
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,588
    Install and run Chkrootkit, don't rely on the WHM scanner very much.

  3. #3
    Join Date
    Mar 2004
    Posts
    78
    Yep, pretty much my chkrootkit says not infected.

    These got me bit confused though:


    Searching for RK17 files and dirs... ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    ./chkrootkit: line 725: [: /var/www/cgi-bin: binary operator expected
    nothing found
    Searching for suspicious files and dirs, it may take a while...
    /usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Compress/Zlib/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Archive/Tar/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Archive/Zip/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/Telnet/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/Daemon/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/SSLeay/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/AIM/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Net/DNS/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Term/ReadKey/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Term/ReadLine/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MD5/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Mail/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Mail/SpamAssassin/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO-stringy/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MIME-tools/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/RPC/PlServer/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBI/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBI/Shell/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBD/Multiplex/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/DBD/mysql/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Text/Reform/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Text/CSV_XS/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO/Tee/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO/Stty/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/IO/Tty/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/URI/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/Tagset/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/Parser/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/FillInForm/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/Clean/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/HTML/SimpleParse/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/libwww-perl/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Parse/RecDescent/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/OLE/Storage_Lite/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Image/Size/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Safe/Hole/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tie/ShadowHash/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tie/Watch/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tie/IxHash/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Business/UPS/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Business/OnlinePayment/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Business/OnlinePayment/AuthorizeNet/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/SQL/Statement/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Spreadsheet/ParseExcel/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Spreadsheet/WriteExcel/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Convert/ASN1/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Convert/BER/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/perl-ldap/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MLDBM/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/MLDBM/Sync/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Devel/Symdump/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML/Parser/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML/RegExp/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML/XSLT/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Persistent/Base/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Persistent/DBI/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/Blowfish/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/Blowfish_PP/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/CBC/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/DES/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Crypt/SSLeay/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/libxml-perl/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/XML-DOM/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Curses/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Data/ShowTable/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/Text/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/Graph/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/Graph3d/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/GD/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/SOAP/Lite/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Tree/MultiNode/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Digest/SHA1/.packlist /usr/lib/perl5/site_perl/5.8.1/i686-linux/auto/Digest/HMAC/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Digest/MD5/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Digest/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/File/Spec/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/MIME/Base64/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Storable/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Time/HiRes/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/Net/.packlist /usr/lib/perl5/5.8.1/i686-linux/auto/CGI/.packlist /usr/lib/perl5/5.8.1/i686-linux/.packlist /usr/lib/php/.registry /usr/lib/php/.lock /usr/lib/php/.filemap
    /usr/lib/php/.registry
    Searching for LPD Worm files and dirs... nothing found
    Searching for LPD Worm files and dirs... nothing found
    Searching for Ramen Worm files and dirs... nothing found
    Searching for Maniac files and dirs... nothing found
    ......

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •