I help friends manage systems which feature Fedora OS. They have been reporting that notifications are being highlighted mentioning the presence of Trojans and such, and they are alarmed. I generally believe that few, if any, are serious, as I have SELinux enabled and a firewall set up on these units. All units are behind routers.
I decided to install a few applications such as clamav, rkhunter and chkrootkit on my own units and gave them a run. Neither rkhunter nor chkrootkit showed anything remarkable but clamav did. I list a few of them for context:
Found 76 possible threats (224741 files scanned).
/home/me/.mozilla/firefox/b9w9hqme.default-1635637832461/extensions/support@lastpass.com.xpi PUA.Win.Trojan.Xored-1
/home/me/.mozilla/icecat/h2020a74.default/extensions/support@lastpass.com.xpi PUA.Win.Trojan.Xored-1
/home/me/.cache/mozilla/firefox/b9w9hqme.default-1635637832461/cache2/entries/7B869B1E4FEB0079533855B292DEDC9F049750CD PUA.Win.Trojan.Xored-1
/home/me/.cache/mozilla/firefox/b9w9hqme.default-1635637832461/cache2/entries/6BA4FE386CA8001456C08ADCC0D8047E35A2BD77 PUA.Win.Exploit.CVE_2012_1461-1
....................
/home/me/.cache/microsoft-edge-beta/Default/Cache/Cache_Data/c6dd4acd03fcf165_0 PUA.Win.Trojan.Xored-1
/home/me/.cache/microsoft-edge-beta/Default/Cache/Cache_Data/16fb8756c668ad8b_0 PUA.Win.Trojan.Xored-1
......................
/home/me/.config/google-chrome/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/4.123.0.2_0/oidc-client.min.js PUA.Win.Trojan.Xored-1
/home/me/.config/google-chrome/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/4.123.0.2_0/lpfulllib.js PUA.Win.Trojan.Xored-1
Is clamav being overzealous or should one actually quarantine them?
Robert
Asked by Robert D Weir
(127 rep)
Oct 31, 2023, 03:13 PM
Last activity: Nov 4, 2023, 10:19 AM
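An added example, not part of the original question and not ClamAV's own tooling: a Python triage script that parses report lines in the "path signature" layout quoted above, splits each signature name into its PUA prefix, platform and category fields, and groups hits by location so repeated cache entries collapse into one row. The location buckets, the review-first rule, the header line and the last sample line are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the "path signature" layout quoted in the post.
# The header line and the last line (path and signature name) are invented for this example.
SAMPLE = """\
Found 5 possible threats
/home/me/.mozilla/firefox/b9w9hqme.default-1635637832461/extensions/support@lastpass.com.xpi PUA.Win.Trojan.Xored-1
/home/me/.cache/mozilla/firefox/b9w9hqme.default-1635637832461/cache2/entries/6BA4FE386CA8001456C08ADCC0D8047E35A2BD77 PUA.Win.Exploit.CVE_2012_1461-1
/home/me/.cache/microsoft-edge-beta/Default/Cache/Cache_Data/c6dd4acd03fcf165_0 PUA.Win.Trojan.Xored-1
/home/me/.config/google-chrome/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/4.123.0.2_0/lpfulllib.js PUA.Win.Trojan.Xored-1
/home/me/Downloads/setup.bin Unix.Trojan.Example-1
"""

# Signature layout: optional "PUA." prefix, then platform.category.name
SIG_RE = re.compile(r"^(?P<pua>PUA\.)?(?P<platform>[^.]+)\.(?P<category>[^.]+)\.(?P<name>.+)$")

def classify_path(path):
    """Assumed location buckets; extend for the applications actually in use."""
    p = path.lower()
    if "/.cache/" in p:
        return "user-cache"
    if "/extensions/" in p:
        return "browser-extension"
    return "other"

def parse_line(line):
    """Return a finding dict, or None for headers, elisions and blank lines."""
    parts = line.strip().rsplit(None, 1)  # split on the last gap: paths may contain spaces
    if len(parts) != 2 or not parts[0].startswith("/"):
        return None
    m = SIG_RE.match(parts[1])
    if not m:
        return None
    return {"path": parts[0], "signature": parts[1], "pua": bool(m["pua"]),
            "platform": m["platform"], "category": m["category"],
            "location": classify_path(parts[0])}

def parse_report(text):
    return [f for f in map(parse_line, text.splitlines()) if f]

def summarize(findings):
    """Count hits per (location, signature) so repeated cache hits collapse."""
    return Counter((f["location"], f["signature"]) for f in findings)

def review_first(findings):
    """Assumed ordering rule: look first at hits that are not PUA-class or
    that name a platform other than Windows (these hosts run Fedora)."""
    return [f["path"] for f in findings if not f["pua"] or f["platform"] != "Win"]

if __name__ == "__main__":
    found = parse_report(SAMPLE)
    for (location, sig), n in sorted(summarize(found).items()):
        print(f"{n:3d}  {location:18s} {sig}")
    print("review first:", review_first(found))
```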