[vox-tech] Possible rootkit
Ken Bloom
kbloom at gmail.com
Mon Sep 23 03:52:01 PDT 2013
Do a clean reinstall. In your new installation, change your passwords and
make sure you have the latest security updates.
On Sep 23, 2013 1:49 AM, "Richard Harke" <paleopenguin at gmail.com> wrote:
> I may have screwed up. I opened a GIF that I received in an email using
> ImageMagick. The image didn't have a close button so I used ps -A to find
> the
> task. I didn't find any called ImageMagick but there was one named
> display.im6
> and when I killed it, the icon on the task bar went away. But I also found
> a task
> called rtkit-daemon which I killed. But now I also find a whole new
> directory
> named /run which seems to have a lot of executables in it. All time stamped
> about the time this happened. Whoops, I forgot 24 hour clock. The time
> stamps
> are this morning so maybe it doesn't have to do with the GIF. In any case
> I assume everything in /run is trojaned.
>
> I am open for advice.
>
> Richard
>
>
> _______________________________________________
> vox-tech mailing list
> vox-tech at lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.lugod.org/pipermail/vox-tech/attachments/20130923/a244b527/attachment.htm
More information about the vox-tech
mailing list