Page 1 of 1

Can t stop/ignore a Suspicious process

Posted: 21 May 2014, 19:25
by donaserver
Hi,

i alreandy tryed everyting as in the doc. to ignore this process but I still become around 100 email notifications with this. Could you helpe me how I can ignore this on the csf.pignore, Process Tracking? And could this process be a virus? I opned the file session_mm_cgi-fcgi501.sem and is empty :s. Thanks in advance for any help


Here the notification:

[code]
Time: Tue May 20 23:25:11 2014 +0200
PID: 21001 (Parent PID:19894)
Account: rabeco
Uptime: 70 seconds


Executable:

/usr/bin/php


Command Line (often faked in exploits):

/usr/bin/php /home/rabeco/public_html/mytestsite/index.php


Network connections by the process (if any):

tcp6: (number) -> (number)


Files open by the process (if any):

/home/rabeco/public_html/mytestsite/session_mm_cgi-fcgi501.sem (deleted)
/tmp/sess_e164814639bcd295bb247ff0fa0069ef


Memory maps by the process (if any):

00400000-00d89000 r-xp 00000000 fc:01 6559979 /usr/bin/php
00f88000-01054000 rw-p 00988000 fc:01 6559979 /usr/bin/php
01054000-01078000 rw-p 00000000 00:00 0
025d3000-04657000 rw-p 00000000 00:00 0 [heap]
3637a00000-3637a20000 r-xp 00000000 fc:01 8388658 /lib64/ld-2.12. so
3637c1f000-3637c20000 r--p 0001f000 fc:01 8388658 /lib64/ld-2.12. so
3637c20000-3637c21000 rw-p 00020000 fc:01 8388658 /lib64/ld-2.12. so
3637c21000-3637c22000 rw-p 00000000 00:00 0
3637e00000-3637f8b000 r-xp 00000000 fc:01 8393223 /lib64/libc-2.12. so
3637f8b000-363818a000 ---p 0018b000 fc:01 8393223 /lib64/libc-2.12. so
363818a000-363818e000 r--p 0018a000 fc:01 8393223 /lib64/libc-2.12. so
363818e000-363818f000 rw-p 0018e000 fc:01 8393223 /lib64/libc-2.12. so
363818f000-3638194000 rw-p 00000000 00:00 0
3638200000-3638217000 r-xp 00000000 fc:01 8393230 /lib64/libpthread-2.12. so
3638217000-3638417000 ---p 00017000 fc:01 8393230 /lib64/libpthread-2.12. so
3638417000-3638418000 r--p 00017000 fc:01 8393230 /lib64/libpthread-2.12. so
3638418000-3638419000 rw-p 00018000 fc:01 8393230 /lib64/libpthread-2.12. so
3638419000-363841d000 rw-p 00000000 00:00 0
3638600000-3638602000 r-xp 00000000 fc:01 8393225 /lib64/libdl-2.12. so
3638602000-3638802000 ---p 00002000 fc:01 8393225 /lib64/libdl-2.12. so
3638802000-3638803000 r--p 00002000 fc:01 8393225 /lib64/libdl-2.12. so
3638803000-3638804000 rw-p 00003000 fc:01 8393225 /lib64/libdl-2.12. so
3638a00000-3638a83000 r-xp 00000000 fc:01 8393236 /lib64/libm-2.12. so
3638a83000-3638c82000 ---p 00083000 fc:01 8393236 /lib64/libm-2.12. so
3638c82000-3638c83000 r--p 00082000 fc:01 8393236 /lib64/libm-2.12. so
3638c83000-3638c84000 rw-p 00083000 fc:01 8393236 /lib64/libm-2.12 .so
3638e00000-3638e07000 r-xp 00000000 fc:01 8393231 /lib64/librt-2.12 .so
3638e07000-3639006000 ---p 00007000 fc:01 8393231 /lib64/librt-2.12 .so
3639006000-3639007000 r--p 00006000 fc:01 8393231 /lib64/librt-2.12 .so
3639007000-3639008000 rw-p 00007000 fc:01 8393231 /lib64/librt-2.12 .so
3639200000-3639215000 r-xp 00000000 fc:01 8393235 /lib64/libz .so.1.2.3
3639215000-3639414000 ---p 00015000 fc:01 8393235 /lib64/libz .so.1.2.3
3639414000-3639415000 r--p 00014000 fc:01 8393235 /lib64/libz .so.1.2.3
3639415000-3639416000 rw-p 00015000 fc:01 8393235 /lib64/libz .so.1.2.3
3639600000-363961d000 r-xp 00000000 fc:01 8392792 /lib64/libselinux .so.1
363961d000-363981c000 ---p 0001d000 fc:01 8392792 /lib64/libselinux .so.1
363981c000-363981d000 r--p 0001c000 fc:01 8392792 /lib64/libselinux .so.1
363981d000-363981e000 rw-p 0001d000 fc:01 8392792 /lib64/libselinux .so.1
363981e000-363981f000 rw-p 00000000 00:00 0
3639a00000-3639a3f000 r-xp 00000000 fc:01 6559691 /usr/lib64/libjpeg .so.62.0.0
3639a3f000-3639c3f000 ---p 0003f000 fc:01 6559691 /usr/lib64/libjpeg .so.62.0.0
3639c3f000-3639c40000 rw-p 0003f000 fc:01 6559691 /usr/lib64/libjpeg .so.62.0.0
3639c40000-3639c50000 rw-p 00000000 00:00 0
3639e00000-3639e16000 r-xp 00000000 fc:01 8393245 /lib64/libresolv-2.12 .so
3639e16000-363a016000 ---p 00016000 fc:01 8393245 /lib64/libresolv-2.12 .so
363a016000-363a017000 r--p 00016000 fc:01 8393245 /lib64/libresolv-2.12 .so
363a017000-363a018000 rw-p 00017000 fc:01 8393245 /lib64/libresolv-2.12 .so
363a018000-363a01a000 rw-p 00000000 00:00 0
363a200000-363a216000 r-xp 00000000 fc:01 8392701 /lib64/libgcc_s-4.4.7-20120601 .so.1
363a216000-363a415000 ---p 00016000 fc:01 8392701 /lib64/libgcc_s-4.4.7-20120601 .so.1
363a415000-363a416000 rw-p 00015000 fc:01 8392701 /lib64/libgcc_s-4.4.7-20120601 .so.1
363a600000-363a73f000 r-xp 00000000 fc:01 6560834 /usr/lib64/libicuuc .so.42.1
363a73f000-363a93f000 ---p 0013f000 fc:01 6560834 /usr/lib64/libicuuc .so.42.1
363a93f000-363a950000 rw-p 0013f000 fc:01 6560834 /usr/lib64/libicuuc .so.42.1
363a950000-363a952000 rw-p 00000000 00:00 0
363aa00000-363aa07000 r-xp 00000000 fc:01 8393227 /lib64/libcrypt-2.12 .so
363aa07000-363ac07000 ---p 00007000 fc:01 8393227 /lib64/libcrypt-2.12 .so
363ac07000-363ac08000 r--p 00007000 fc:01 8393227 /lib64/libcrypt-2.12 .so
363ac08000-363ac09000 rw-p 00008000 fc:01 8393227 /lib64/libcrypt-2.12 .so
363ac09000-363ac37000 rw-p 00000000 00:00 0
363ae00000-363ae71000 r-xp 00000000 fc:01 8393226 /lib64/libfreebl3 .so
363ae71000-363b070000 ---p 00071000 fc:01 8393226 /lib64/libfreebl3 .so
363b070000-363b072000 r--p 00070000 fc:01 8393226 /lib64/libfreebl3 .so
363b072000-363b073000 rw-p 00072000 fc:01 8393226 /lib64/libfreebl3 .so
363b073000-363b077000 rw-p 00000000 00:00 0
363b200000-363b203000 r-xp 00000000 fc:01 8393251 /lib64/libcom_err .so.2.1
363b203000-363b402000 ---p 00003000 fc:01 8393251 /lib64/libcom_err .so.2.1
363b402000-363b403000 r--p 00002000 fc:01 8393251 /lib64/libcom_err .so.2.1
363b403000-363b404000 rw-p 00003000 fc:01 8393251 /lib64/libcom_err .so.2.1
363b600000-363b6e8000 r-xp 00000000 fc:01 6556138 /usr/lib64/libstdc++ .so.6.0.13
363b6e8000-363b8e8000 ---p 000e8000 fc:01 6556138 /usr/lib64/libstdc++ .so.6.0.13
363b8e8000-363b8ef000 r--p 000e8000 fc:01 6556138 /usr/lib64/libstdc++ .so.6.0.13
363b8ef000-363b8f1000 rw-p 000ef000 fc:01 6556138 /usr/lib64/libstdc++ .so.6.0.13
363b8f1000-363b906000 rw-p 00000000 00:00 0
363ba00000-363bbb5000 r-xp 00000000 fc:01 6560509 /usr/lib64/libcrypto .so.1.0.1e
363bbb5000-363bdb5000 ---p 001b5000 fc:01 6560509 /usr/lib64/libcrypto .so.1.0.1e
363bdb5000-363bdd0000 r--p 001b5000 fc:01 6560509 /usr/lib64/libcrypto .so.1.0.1e
363bdd0000-363bddc000 rw-p 001d0000 fc:01 6560509 /usr/lib64/libcrypto .so.1.0.1e
363bddc000-363bde0000 rw-p 00000000 00:00 0
363be00000-363bedb000 r-xp 00000000 fc:01 8393252 /lib64/libkrb5 .so.3.3
363bedb000-363c0da000 ---p 000db000 fc:01 8393252 /lib64/libkrb5 .so.3.3
363c0da000-363c0e4000 r--p 000da000 fc:01 8393252 /lib64/libkrb5 .so.3.3
363c0e4000-363c0e6000 rw-p 000e4000 fc:01 8393252 /lib64/libkrb5 .so.3.3
363c200000-363c20a000 r-xp 00000000 fc:01 8393249 /lib64/libkrb5support .so.0.1
363c20a000-363c409000 ---p 0000a000 fc:01 8393249 /lib64/libkrb5support .so.0.1
363c409000-363c40a000 r--p 00009000 fc:01 8393249 /lib64/libkrb5support .so.0.1
363c40a000-363c40b000 rw-p 0000a000 fc:01 8393249 /lib64/libkrb5support .so.0.1
363c600000-363c641000 r-xp 00000000 fc:01 8393253 /lib64/libgssapi_krb5 .so.2.2
363c641000-363c841000 ---p 00041000 fc:01 8393253 /lib64/libgssapi_krb5 .so.2.2
363c841000-363c842000 r--p 00041000 fc:01 8393253 /lib64/libgssapi_krb5 .so.2.2
363c842000-363c844000 rw-p 00042000 fc:01 8393253 /lib64/libgssapi_krb5 .so.2.2
363ca00000-363ca29000 r-xp 00000000 fc:01 8393250 /lib64/libk5crypto .so.3.1
363ca29000-363cc29000 ---p 00029000 fc:01 8393250 /lib64/libk5crypto .so.3.1
363cc29000-363cc2a000 r--p 00029000 fc:01 8393250 /lib64/libk5crypto .so.3.1
363cc2a000-363cc2b000 rw-p 0002a000 fc:01 8393250 /lib64/libk5crypto .so.3.1
363cc2b000-363cc2c000 rw-p 00000000 00:00 0
363ce00000-363ce02000 r-xp 00000000 fc:01 8393074 /lib64/libkeyutils .so.1.3
363ce02000-363d001000 ---p 00002000 fc:01 8393074 /lib64/libkeyutils .so.1.3
363d001000-363d002000 r--p 00001000 fc:01 8393074 /lib64/libkeyutils .so.1.3
363d002000-363d003000 rw-p 00002000 fc:01 8393074 /lib64/libkeyutils .so.1.3
363d200000-363d217000 r-xp 00000000 fc:01 8393224 /lib64/libaudit .so.1.0.0
363d217000-363d416000 ---p 00017000 fc:01 8393224 /lib64/libaudit .so.1.0.0
363d416000-363d417000 r--p 00016000 fc:01 8393224 /lib64/libaudit .so.1.0.0
363d417000-363d41c000 rw-p 00017000 fc:01 8393224 /lib64/libaudit .so.1.0.0
363d600000-363d60c000 r-xp 00000000 fc:01 8393228 /lib64/libpam .so.0.82.2
363d60c000-363d80c000 ---p 0000c000 fc:01 8393228 /lib64/libpam .so.0.82.2
363d80c000-363d80d000 r--p 0000c000 fc:01 8393228 /lib64/libpam .so.0.82.2
363d80d000-363d80e000 rw-p 0000d000 fc:01 8393228 /lib64/libpam .so.0.82.2
363da00000-363da26000 r-xp 00000000 fc:01 8389005 /lib64/libexpat .so.1.5.2
363da26000-363dc25000 ---p 00026000 fc:01 8389005 /lib64/libexpat .so.1.5.2
363dc25000-363dc28000 rw-p 00025000 fc:01 8389005 /lib64/libexpat .so.1.5.2
363de00000-363de98000 r-xp 00000000 fc:01 6555456 /usr/lib64/libfreetype .so.6.3.22
363de98000-363e097000 ---p 00098000 fc:01 6555456 /usr/lib64/libfreetype .so.6.3.22
363e097000-363e09d000 rw-p 00097000 fc:01 6555456 /usr/lib64/libfreetype .so.6.3.22
363e200000-363e21d000 r-xp 00000000 fc:01 6555454 /usr/lib64/libxcb .so.1.1.0
363e21d000-363e41d000 ---p 0001d000 fc:01 6555454 /usr/lib64/libxcb .so.1.1.0
363e41d000-363e41e000 rw-p 0001d000 fc:01 6555454 /usr/lib64/libxcb .so.1.1.0
363e600000-363e602000 r-xp 00000000 fc:01 6554610 /usr/lib64/libXau .so.6.0.0
363e602000-363e802000 ---p 00002000 fc:01 6554610 /usr/lib64/libXau .so.6.0.0
363e802000-363e803000 rw-p 00002000 fc:01 6554610 /usr/lib64/libXau .so.6.0.0
363ea00000-363ea25000 r-xp 00000000 fc:01 6560053 /usr/lib64/libpng12 .so.0.49.0
363ea25000-363ec25000 ---p 00025000 fc:01 6560053 /usr/lib64/libpng12 .so.0.49.0
363ec25000-363ec26000 rw-p 00025000 fc:01 6560053 /usr/lib64/libpng12 .so.0.49.0
363ee00000-363ef37000 r-xp 00000000 fc:01 6558920 /usr/lib64/libX11 .so.6.3.0
363ef37000-363f137000 ---p 00137000 fc:01 6558920 /usr/lib64/libX11 .so.6.3.0
363f137000-363f13d000 rw-p 00137000 fc:01 6558920 /usr/lib64/libX11 .so.6.3.0
363f200000-363f211000 r-xp 00000000 fc:01 6560269 /usr/lib64/libXpm .so.4.11.0
363f211000-363f410000 ---p 00011000 fc:01 6560269 /usr/lib64/libXpm .so.4.11.0
363f410000-363f411000 rw-p 00010000 fc:01 6560269 /usr/lib64/libXpm .so.4.11.0
363f600000-363f616000 r-xp 00000000 fc:01 8393238 /lib64/libnsl-2.12 .so
363f616000-363f815000 ---p 00016000 fc:01 8393238 /lib64/libnsl-2.12 .so
363f815000-363f816000 r--p 00015000 fc:01 8393238 /lib64/libnsl-2.12 .so
363f816000-363f817000 rw-p 00016000 fc:01 8393238 /lib64/libnsl-2.12 .so
363f817000-363f819000 rw-p 00000000 00:00 0
363fa00000-363fa61000 r-xp 00000000 fc:01 6554746 /usr/lib64/libssl .so.1.0.1e
363fa61000-363fc61000 ---p 00061000 fc:01 6554746 /usr/lib64/libssl .so.1.0.1e
363fc61000-363fc65000 r--p 00061000 fc:01 6554746 /usr/lib64/libssl .so.1.0.1e
363fc65000-363fc6c000 rw-p 00065000 fc:01 6554746 /usr/lib64/libssl .so.1.0.1e
363fe00000-3640d45000 r-xp 00000000 fc:01 6558665 /usr/lib64/libicudata .so.42.1
3640d45000-3640f44000 ---p 00f45000 fc:01 6558665 /usr/lib64/libicudata .so.42.1
3640f44000-3640f45000 rw-p 00f44000 fc:01 6558665 /usr/lib64/libicudata .so.42.1
3641000000-3641010000 r-xp 00000000 fc:01 8388842 /lib64/libbz2 .so.1.0.4
3641010000-364120f000 ---p 00010000 fc:01 8388842 /lib64/libbz2 .so.1.0.4
364120f000-3641211000 rw-p 0000f000 fc:01 8388842 /lib64/libbz2 .so.1.0.4
3641400000-3641588000 r-xp 00000000 fc:01 6560835 /usr/lib64/libicui18n .so.42.1
3641588000-3641788000 ---p 00188000 fc:01 6560835 /usr/lib64/libicui18n .so.42.1
3641788000-3641795000 rw-p 00188000 fc:01 6560835 /usr/lib64/libicui18n .so.42.1
3641795000-3641796000 rw-p 00000000 00:00 0
3641800000-3641832000 r-xp 00000000 fc:01 8388728 /lib64/libidn .so.11.6.1
3641832000-3641a31000 ---p 00032000 fc:01 8388728 /lib64/libidn .so.11.6.1
3641a31000-3641a32000 rw-p 00031000 fc:01 8388728 /lib64/libidn .so.11.6.1
3641c00000-3641c09000 r-xp 00000000 fc:01 6559986 /usr/lib64/libltdl .so.7.2.1
3641c09000-3641e08000 ---p 00009000 fc:01 6559986 /usr/lib64/libltdl .so.7.2.1
3641e08000-3641e09000 rw-p 00008000 fc:01 6559986 /usr/lib64/libltdl .so.7.2.1
3642000000-36422d8000 r-xp 00000000 fc:01 6555719 /usr/lib64/libmysqlclient .so.18.0.0
36422d8000-36424d7000 ---p 002d8000 fc:01 6555719 /usr/lib64/libmysqlclient .so.18.0.0
36424d7000-364255b000 rw-p 002d7000 fc:01 6555719 /usr/lib64/libmysqlclient .so.18.0.0
364255b000-3642560000 rw-p 00000000 00:00 0
3642600000-364260b000 r-xp 00000000 fc:01 6555282 /usr/lib64/libicuio .so.42.1
364260b000-364280a000 ---p 0000b000 fc:01 6555282 /usr/lib64/libicuio .so.42.1
364280a000-364280c000 rw-p 0000a000 fc:01 6555282 /usr/lib64/libicuio .so.42.1
7ffca4000000-7ffca4021000 rw-p 00000000 00:00 0
7ffca4021000-7ffca8000000 ---p 00000000 00:00 0
7ffca8e0c000-7ffca8e11000 r-xp 00000000 fc:01 8388635 /lib64/libnss_dns-2.12 .so
7ffca8e11000-7ffca9010000 ---p 00005000 fc:01 8388635 /lib64/libnss_dns-2.12 .so
7ffca9010000-7ffca9011000 r--p 00004000 fc:01 8388635 /lib64/libnss_dns-2.12 .so
7ffca9011000-7ffca9012000 rw-p 00005000 fc:01 8388635 /lib64/libnss_dns-2.12 .so
7ffca9012000-7ffca9053000 rw-p 00000000 00:00 0
7ffca9054000-7ffca9360000 rw-p 00000000 00:00 0
7ffca9378000-7ffca9602000 rw-p 00000000 00:00 0
7ffca962e000-7ffca98f9000 rw-p 00000000 00:00 0
7ffca9918000-7ffca9add000 rw-p 00000000 00:00 0
7ffca9b97000-7ffca9d97000 rw-p 00000000 00:00 0
7ffca9db9000-7ffca9e7c000 rw-p 00000000 00:00 0
7ffca9e7c000-7ffca9e88000 r-xp 00000000 fc:01 8388637 /lib64/libnss_files-2.12 .so
7ffca9e88000-7ffcaa088000 ---p 0000c000 fc:01 8388637 /lib64/libnss_files-2.12 .so
7ffcaa088000-7ffcaa089000 r--p 0000c000 fc:01 8388637 /lib64/libnss_files-2.12 .so
7ffcaa089000-7ffcaa08a000 rw-p 0000d000 fc:01 8388637 /lib64/libnss_files-2.12 .so
7ffcaa093000-7ffcaa094000 ---p 00000000 00:00 0
7ffcaa094000-7ffcaaa94000 rw-p 00000000 00:00 0
7ffcaaa94000-7ffcaea94000 rw-s 00000000 00:04 796622849 /SYSV00000000 (deleted)
7ffcaea94000-7ffcaec30000 rw-p 00000000 00:00 0
7ffcaec30000-7ffcaed7f000 r-xp 00000000 fc:01 5505380 /opt/xml2/lib/libxml2 .so.2.9.0
7ffcaed7f000-7ffcaef7e000 ---p 0014f000 fc:01 5505380 /opt/xml2/lib/libxml2 .so.2.9.0
7ffcaef7e000-7ffcaef88000 rw-p 0014e000 fc:01 5505380 /opt/xml2/lib/libxml2 .so.2.9.0
7ffcaef88000-7ffcaef89000 rw-p 00000000 00:00 0
7ffcaef89000-7ffcaefc5000 r-xp 00000000 fc:01 5505664 /opt/xslt/lib/libxslt .so.1.1.27
7ffcaefc5000-7ffcaf1c4000 ---p 0003c000 fc:01 5505664 /opt/xslt/lib/libxslt .so.1.1.27
7ffcaf1c4000-7ffcaf1c6000 rw-p 0003b000 fc:01 5505664 /opt/xslt/lib/libxslt .so.1.1.27
7ffcaf1c6000-7ffcaf1c9000 rw-p 00000000 00:00 0
7ffcaf1c9000-7ffcaf221000 r-xp 00000000 fc:01 5505166 /opt/curlssl/lib/libcurl .so.4.2.0
7ffcaf221000-7ffcaf421000 ---p 00058000 fc:01 5505166 /opt/curlssl/lib/libcurl .so.4.2.0
7ffcaf421000-7ffcaf424000 rw-p 00058000 fc:01 5505166 /opt/curlssl/lib/libcurl .so.4.2.0
7ffcaf424000-7ffcaf426000 rw-p 00000000 00:00 0
7ffcaf426000-7ffcaf462000 r-xp 00000000 fc:01 5505029 /opt/pcre/lib/libpcre .so.0.0.1
7ffcaf462000-7ffcaf661000 ---p 0003c000 fc:01 5505029 /opt/pcre/lib/libpcre .so.0.0.1
7ffcaf661000-7ffcaf662000 rw-p 0003b000 fc:01 5505029 /opt/pcre/lib/libpcre .so.0.0.1
7ffcaf662000-7ffcaf665000 rw-p 00000000 00:00 0
7ffcaf665000-7ffcaf68f000 r-xp 00000000 fc:01 5505825 /opt/libmcrypt/lib/libmcrypt .so.4.4.8
7ffcaf68f000-7ffcaf88e000 ---p 0002a000 fc:01 5505825 /opt/libmcrypt/lib/libmcrypt .so.4.4.8
7ffcaf88e000-7ffcaf892000 rw-p 00029000 fc:01 5505825 /opt/libmcrypt/lib/libmcrypt .so.4.4.8
7ffcaf892000-7ffcaf898000 rw-p 00000000 00:00 0
7ffcaf898000-7ffcaf8ee000 r-xp 00000000 fc:01 5505648 /opt/tidy/lib/libtidy-0.99 .so.0.0.0
7ffcaf8ee000-7ffcafaee000 ---p 00056000 fc:01 5505648 /opt/tidy/lib/libtidy-0.99 .so.0.0.0
7ffcafaee000-7ffcafaf7000 rw-p 00056000 fc:01 5505648 /opt/tidy/lib/libtidy-0.99 .so.0.0.0
7ffcafaf7000-7ffcafaf9000 rw-p 00000000 00:00 0
7ffcafaf9000-7ffcafb0b000 r-xp 00000000 fc:01 5505697 /opt/xslt/lib/libexslt .so.0.8.16
7ffcafb0b000-7ffcafd0b000 ---p 00012000 fc:01 5505697 /opt/xslt/lib/libexslt .so.0.8.16
7ffcafd0b000-7ffcafd0c000 rw-p 00012000 fc:01 5505697 /opt/xslt/lib/libexslt .so.0.8.16
7ffcafd0c000-7ffcafd0d000 rw-p 00000000 00:00 0
7ffcafd16000-7ffcafd17000 rw-p 00000000 00:00 0
7fff87a45000-7fff87a5a000 rw-p 00000000 00:00 0 [stack]
7fff87a89000-7fff87a8a000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall][/code]

Re: Can t stop/ignore a Suspicious process

Posted: 03 Jun 2014, 11:33
by duo35
i dont have any idea is it virus or not.

But if you sure its not virus and want to ignore it
you can add to csf.pignore list like this
cmd:/home/rabeco/public_html/mytestsite/index.php

you will see other files already ignored in the list, just add your file looking othr examples there