Hello,
a few days ago I install on my centos 7 that run with WHM software the ConfigServer Server Services.
I got a report that warning about some infection:
find: ‘/proc/32494’: No such file or directory
/usr/lib/debug/usr/.dwz
Warning: /sbin/init INFECTED
INFECTED (PORTS: 465)
You have 2 process hidden for readdir command
You have 2 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
eno16777728: PF_PACKET(/usr/sbin/dhclient)
The tty of the following user process(es) were not found
in /var/run/utmp !
! RUID PID TTY CMD
! -Dsolr.autoSoftCommit.maxTime=30-Dsolr.log.muteconsole -XX:OnOutOfMemoryError=/home/cpanelsolr/bin/oom_solr.sh 8984 /home/cpanelsolr/server/logs -jar start.jar --module=http
0 olr.install.dir=/home/cpanelsolr-Dsolr.autoSoftCommit.maxTime=30-Dsolr.log.muteconsole -XX:OnOutOfMemoryError=/home/cpanelsolr/bin/oom_solr.sh 8984 /home/cpanelsolr/server/logs -jar start.jar --module=http
-Dsolr.log.muteconsole -XX:OnOutOfMemoryError=/home/cpanelsolr/bin/oom_solr.sh 8984 /home/cpanelsolr/server/logs -jar start.jar --module=http
How do I need to act with this report?
Thank you.
Bookmarks