TR/HackToolX.RK.1 false alarm
Info
frank at insightcomputer.com
Mon Dec 15 16:14:44 UTC 2003
Thanks for the info. Looks like a false alarm by Virex.
----- Original Message -----
From: "Sean Estabrooks" <seanlkml at rogers.com>
To: <fedora-list at redhat.com>
Sent: Monday, December 15, 2003 10:41 AM
Subject: Re: TR/HackToolX.RK.1 and TR/Classloader.C viruses picked up by
Virex
> On Mon, 15 Dec 2003 09:47:07 -0500
> fs <frank at insightcomputer.com> wrote:
>
> > Powerful Trojans are going around that brought down my kernel 2.4.22
> > last night. I first noticed the system was very sluggish and I could
> > not longer use Nautilus. Then my email inbox stopped working. Then
> > cups. One virus is java related.
>
> Your problem quite likely didn't have anything to do with "powerful"
> trojans at all.
>
> > /usr/share/locale/fr/LC_MESSAGES/net-tools.mo
> > <<< The Trojan horse TR/HackToolX.RK.1
>
> This is a language file that contains french translations for application
> strings. It doesn't contain executable code so it's not a likely
> candidate for an actual virus. More likely a false report from your
> virus scanner.
>
> > ALERT: [TR/Classloader.C virus]
> > /home/fs/.java/deployment/cache/javapi/v1.0/jar
> > /WebCounter.jar-53ebf3b-6321a0e0.zip <<< The Trojan horse
> > TR/Classloader.C
>
> The classloader virus apparently only affected java versions prior
> to 1.2, so if you are running with a recent version you should
> have been protected from it. All the google references i could find to
> this virus are from 1998 and 1999.
>
> > Vexira repaired none of these, just gave me alerts.
> >
> > Sending this email after system clean load.
>
> Hmmm... my guess is that your virus software will still complain about the
> language file and will again complain about the classloader issue if
> you revisit the offending website. On the upside, rebuilding your system
> probably fixed whatever the real problem was too!
>
> Cheers,
> Sean
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
More information about the fedora-list
mailing list