Results 1 to 5 of 5

Thread: Does this mean malware is on my computer?

Hybrid View

  1. #1
    Join Date
    Aug 2012
    Beans
    9

    Does this mean malware is on my computer?

    I'm using 12.10, and wondering if my problem with Cpanel is caused by malware on my computer. When I go to the File Manager in any new version of Cpanel, demos, etc, I get this to the left of the files:

    SomeCustomInjectedHeader:injected_by_wvs
    ${@print(md5(acunetix_wvs_security_test))}
    %2F%2F%2F%2F%2F%2F%2F%2F%2F%2Fetc%2Fpasswd%00.jpg
    '"
    (/home/x3demob)
    SomeCustomInjectedHeader:injected_by_wvs
    ${@print(md5(acunetix_wvs_security_test))}
    %2F%2F%2F%2F%2F%2F%2F%2F%2F%2Fetc%2Fpasswd%00.jpg
    '"
    '|'ld
    <?xml version="1.0" encoding="utf-8"?><!DOCTYPE acunetix [ <!ENTITY acunetixent SYSTEM "http:
    " onmouseover=prompt(920251) bad="
    ";cat
    )
    1
    1 and sleep(5.564)
    1'=sleep(0)='
    1" and sleep(5.564)="
    1"; waitfor delay '0:0:5.564' --
    1"=sleep(5.564)="
    1; waitfor delay '0:0:5.564' --
    ;cat
    ;print(md5(acunetix_wvs_security_test));
    ^(#$!@#$)(()))******

    To the right, I get 8 to over 20 lines like this line with different letters at the beginning ab, bb, etc:

    sc 4KB Oct 3, 2012 httpd/unix-directory

    I used Ubuntu with Cpanel a few years ago and had no problems, so I'm wondering what the cause of this is. A rep at one of the webhosts said it might be something generated by my computer, but he didn't know for sure. I'm not a tech person, so I don't know either.

    If it is some kind of malware, how would I get rid of it?

    Thanks in advance for any help. This is frustrating because most weshost use Cpanel and the "sc 4KB ...." part of this problem obscures the files in the Cpanel and renders it unusable for me.

  2. #2
    Join Date
    Dec 2011
    Location
    Manchester, UK
    Beans
    356
    Distro
    Ubuntu

    Re: Does this mean malware is on my computer?

    Quote Originally Posted by prexpat View Post
    I'm using 12.10, and wondering if my problem with Cpanel is caused by malware on my computer. When I go to the File Manager in any new version of Cpanel, demos, etc, I get this to the left of the files:

    SomeCustomInjectedHeader:injected_by_wvs
    ${@print(md5(acunetix_wvs_security_test))}
    %2F%2F%2F%2F%2F%2F%2F%2F%2F%2Fetc%2Fpasswd%00.jpg
    '"
    (/home/x3demob)
    SomeCustomInjectedHeader:injected_by_wvs
    ${@print(md5(acunetix_wvs_security_test))}
    %2F%2F%2F%2F%2F%2F%2F%2F%2F%2Fetc%2Fpasswd%00.jpg
    '"
    '|'ld
    <?xml version="1.0" encoding="utf-8"?><!DOCTYPE acunetix [ <!ENTITY acunetixent SYSTEM "http:
    " onmouseover=prompt(920251) bad="
    ";cat
    )
    1
    1 and sleep(5.564)
    1'=sleep(0)='
    1" and sleep(5.564)="
    1"; waitfor delay '0:0:5.564' --
    1"=sleep(5.564)="
    1; waitfor delay '0:0:5.564' --
    ;cat
    ;print(md5(acunetix_wvs_security_test));
    ^(#$!@#$)(()))******

    To the right, I get 8 to over 20 lines like this line with different letters at the beginning ab, bb, etc:

    sc 4KB Oct 3, 2012 httpd/unix-directory

    I used Ubuntu with Cpanel a few years ago and had no problems, so I'm wondering what the cause of this is. A rep at one of the webhosts said it might be something generated by my computer, but he didn't know for sure. I'm not a tech person, so I don't know either.

    If it is some kind of malware, how would I get rid of it?

    Thanks in advance for any help. This is frustrating because most weshost use Cpanel and the "sc 4KB ...." part of this problem obscures the files in the Cpanel and renders it unusable for me.
    Hon, there is nothing in what you posted that suggests there is malware on your system. From what I understand, you have some third party tool that gives you garbled messages? This sounds like a ‘CPanel’ problem, not an Ubuntu one. Have you tried re-installing the application?

    In any case, you are better off checking on their support website than here.
    Read my technology blog at: http://penguincampaigner.wordpress.com

  3. #3
    Join Date
    Aug 2012
    Beans
    9

    Re: Does this mean malware is on my computer?

    A thousand thanks for the response and the peace of mind.

    I opted to just go with a webhost that didn't use Cpanel.

    Thanks again!

  4. #4
    Join Date
    Nov 2009
    Beans
    919
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Does this mean malware is on my computer?

    Acunetix is the name of a vulnerability scanner. The top part of what you posted appears to be an attempt to find a directory traversal vulnerability. It's odd that it would have turned up. In my experience Acunetix tends to be used by professional testers who have been hired by site owners. It's not local malware on your desktop though.

  5. #5
    Join Date
    Aug 2012
    Beans
    9

    Re: Does this mean malware is on my computer?

    Thanks! Life is good.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •