Strange perl script

Peo Nilsson per-olof.nilsson at
Wed Oct 17 14:46:01 PDT 2007

On Wed, 2007-10-17 at 16:07 -0500, Paul Schmehl wrote:
> --On Wednesday, October 17, 2007 16:15:27 -0400 Josh Carroll 
> <josh.carroll at> wrote:
> >> The stangest thing is that I cann't find sploger on  my system. After a
> >> reboot sploger doesn't appear anymore, which makes it more stranger.
> >
> > So you have done a:
> >
> > find / -name sploger -type f
> >
> > And nothing comes up? If that's the case, it sounds like it was a perl
> > script that was run, then subsequently removed from the file system.
> > Which sounds rather nefarious to me. You might want to check for
> > rootkits, etc.
> >
> If you google for "sploger+perl", all you get is stuff that looks like 
> hacked websites being run as spam operations.
> Look in /tmp for anything unusual, like directories named ".  " or "..  " 
> or similar.  Look for oddly named files in /tmp, such as dp, xz, etc.
> Look at your website logs carefully.  I suspect a malicious script has been 
> run through some exploit such as php or perl or an apache weakness.
> Is all your software completely patched up to date?

Dear list members.

I scanned my FreeBSD 6.2-Release (ports up to date) with
Avira Antivir personal ed, some days ago. The scanner returned

checking drive/path (cwd): /
 Date: 11.10.2007  Time: 16:04:06  Size: 9975
[HTML/MHT.Gen] /usr/ports/security/p5-openxpki-client-html-mason/pkg-plist <<< Contains detection pattern of the HTML script virus HTML/MHT.Gen

The information Avira has one can read here:

I posted a question to openxpki-devel at
They proposed that the scanner probably was "to nervous" for using with
Unix. (I can't tell myself)

Don't know if this says anything, but I though I would mention it
when I saw your posts.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part
Url :

More information about the freebsd-questions mailing list