Thread: ASP/Ace.Q Trojan after installing Kali VM

  1. #1
    Join Date
    2016-Feb
    Posts
    2

    ASP/Ace.Q Trojan after installing Kali VM

    Hi guys, I'm new to Linux and have been learning it for the past week or so. I've installed many distros on VMs just to mess around. Anyways, I just installed another Kali VM and when I opened it up the antivirus on my host OS found a virus:
    Object: http://archive-2.kali.org/kali/pool/...0kali0_all.deb
    Threat: ASP/Ace.Q Trojan
    Connection terminated

    Is this something I need to worry about? From what I've read it's a pretty severe backdoor? I was surprised when it was found because I thought there were no connections between the host OS and guest OS (unless there are shared folders?)

    Appreciate any help!

  2. #2
    Join Date
    2013-Apr
    Location
    Kali forums
    Posts
    805
    Given the nature of the tools in Kali, I'm sure many/most of them would be flagged by anti-virus.

    Just to be safe, I'd verify the SHA1 hashes; even if you got the download from kali.org or an authorized mirror.

  3. #3
    Join Date
    2016-Feb
    Posts
    2
    Originally posted by grid:
    Given the nature of the tools in Kali, I'm sure many/most of them would be flagged by anti-virus.

    Just to be safe, I'd verify the SHA1 hashes; even if you got the download from kali.org or an authorized mirror.

    Appreciate the reply. I'm pretty sure I downloaded it via torrent through the official page. The hashes don't match though. Also, the .iso I have is 3.09 GB compared to the 2.6 GB on the official page. The hashes match this torrent: https://kat.cr/kali-linux-2-0-x64-t11079575.html#main

    I forgot to mention that this virus was detected when I did apt-get update. Is it possible for my host OS (Win 7) to flag the tools in my Kali VM? I have another Kali VM installed and I haven't had any issues with it.

  4. #4
    Join Date
    2013-Apr
    Location
    Kali forums
    Posts
    805
    You're welcome

    Hmm, if the hashes don't match, then something went wrong somewhere.

    I haven't had AV flag anything in a Kali VM. However, I did tell my anti-virus to ignore the directory where my VMs are stored, just to be safe.

  5. #5
    Join Date
    2016-Feb
    Posts
    1
    Hey guys, I just installed NOD32 on my Kali 2.0. After a complete scan I get "a variant of Java/Exploit.CVE-2012-4681.DA" at location usr/share/metasploit-framework/vendor/bundle/ruby/2.2.0/cache/........ My question: is this a Metasploit tool for the (my) Kali OS, or am I fucked? I'm also getting threats 23237.pl, 17.pl, 22999.pl, 474.sh at locations usr/share/exploitdb/platforms/windows/dos/ and usr/share/exploitdb/platforms/php/webapps/... Is it completely normal or do I need some hard cleaning, someone?
