Results 1 to 2 of 2
In linux binaries, in any linux distro, I've discovered the same strings which I believe may be due to a virus or trojan. Yet, clamav, rkhunter, chkrootkit do not detect ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 12-12-2009 #1
- Join Date
- Dec 2009
virus or trojan?
Yet, clamav, rkhunter, chkrootkit do not detect abnormalities.
Whether I run 'strings' on the binary files or view with vim or gedit, here is what is always seen inside the binaries:
Followed by commands which differ within each binary.
If, by some luck, I've downloaded a fresh Linux ISO where binaries do not include the above two strings followed by commands, after I run an update the updated binaries suddenly contain the above two strings and other, what I believe to be, rogue strings.
I've avoided the possible infection with an OpenBSD install, yet all the Linux installations and burned ISOs contain binaries with the above two strings followed by commands.
Google results are vague, some suggest shell backdoors, any help?
- 12-12-2009 #2
- Join Date
- Oct 2009
I believe it has to do with GCC. Here are a couple of post about it. I just did a search of "_Jv_RegisterClasses "