2 Replies Latest reply on Jul 2, 2011 9:46 AM by Udo

    Malware in LSNRCTL.EXE ??

    GabyPR
      My AVIRA ANTIVIRUS tells me that:

      " a virus or unwanted program named "TR/ATRAPS.GEN5"
      was found in the file c:\app\admin\product\11.2.0\dbhome_2\BIN\LSNRCTL.EXE.

      Access to this file was denied"

      Should I disregard this message ? maybe it's misleading. I just installed 11g yesterday, by accident I has two instances installed
      one in dbhome_1 and one in dbhome_2, the message also appears indicating the same for the file under dbhome_1.

      I cannot delete this file, what is the best thing to do ??

      I installed 11g from a dvd I created with NERO 10 from an iso file downloaded from oracle site.
        • 1. Re: Malware in LSNRCTL.EXE ??
          872825
          I encountered the same problem with an already installed 11gR2(11.2.0.1).
          Thereafter I installed a second 11gR2(11.2.0.1) and a 11gR2(11.2.0.2) - from a recent download - into individual oracle homes.
          Again AVIRA ANTIVIR notifies a "TR/ATRAPS.Gen5"

          Edited by: user1017045 on Jul 2, 2011 12:14 AM

          Edited by: user1017045 on Jul 2, 2011 12:35 AM
          1 person found this helpful
          • 2. Re: Malware in LSNRCTL.EXE ??
            Udo
            Hello,

            it seems you've hit the wrong forum here, as this one is dedicated to the APEX Listener, the new web server alternative to provide access to APEX. Your problem concerns the Database Listener. Hence, the appropriate forum would be {forum:id=61}
            Anyway, such false positives come up quite often, especially when you have heuristics turned on. A similar problem occured recently with the beta of XE 11.2 (see {thread:id=2201609} in the forum for the XE 11.2 beta).
            Since you can trust the source, you could simply put the object on a white list or an exclusion from scanning, or some other means to keep the antivirus solution from blocking the file. You should not delete this file, as you need it to run the database...

            -Udo