Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Karl Hiramoto <karl@...>
Subject: Re: gmonstart / jvregisterclasses in tons of binaries with commands,malware?
Date: Thu, 17 Dec 2009 07:00:46 +0100
On 12/17/09 03:06, whereislibertyandjustice@... wrote:
> In linux binaries, in any linux distro, I've discovered the same strings
> which I believe may be due to a virus or trojan.
>
> Yet, clamav, rkhunter, chkrootkit do not detect abnormalities.
>
> Whether I run 'strings' on the binary files or view with vim or gedit, here
> is what is always seen inside the binaries:
>
>
> __gmon_start__
> _Jv_RegisterClasses
>
> Followed by commands which differ within each binary.
>   
Can you give an example of what commands you are talking about?

__gmon_start is part of a normal glibc 
http://repo.or.cz/w/glibc.git/blob/HEAD:/csu/gmon-start.c#l60

Almost every gcc compiled dynamicly linked binary contains references to
_Jv_RegisterClasse.

-- 

--
Karl Hiramoto  http://karl.hiramoto.org/




References:
gmonstart / jvregisterclasses in tons of binaries with commands,malware?
-- whereislibertyandjustice
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: gmonstart / jvregisterclasses in tons of binaries with commands,malware?
Next by thread:
Re: gmonstart / jvregisterclasses in tons of binaries with commands,malware?
Previous by date:
Re: gmonstart / jvregisterclasses in tons of binaries with commands,malware?
Next by date:
Re: gmonstart / jvregisterclasses in tons of binaries with commands,malware?


Updated May 10, 2012

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.