On Mon, 15 Dec 2003 09:47:07 -0500 fs <frank@xxxxxxxxxxxxxxxxxxx> wrote: > Powerful Trojans are going around that brought down my kernel 2.4.22 > last night. I first noticed the system was very sluggish and I could > not longer use Nautilus. Then my email inbox stopped working. Then > cups. One virus is java related. Your problem quite likely didn't have anything to do with "powerful" trojans at all. > /usr/share/locale/fr/LC_MESSAGES/net-tools.mo > <<< The Trojan horse TR/HackToolX.RK.1 This is a language file that contains french translations for application strings. It doesn't contain executable code so it's not a likely candidate for an actual virus. More likely a false report from your virus scanner. > ALERT: [TR/Classloader.C virus] > /home/fs/.java/deployment/cache/javapi/v1.0/jar > /WebCounter.jar-53ebf3b-6321a0e0.zip <<< The Trojan horse > TR/Classloader.C The classloader virus apparently only affected java versions prior to 1.2, so if you are running with a recent version you should have been protected from it. All the google references i could find to this virus are from 1998 and 1999. > Vexira repaired none of these, just gave me alerts. > > Sending this email after system clean load. Hmmm... my guess is that your virus software will still complain about the language file and will again complain about the classloader issue if you revisit the offending website. On the upside, rebuilding your system probably fixed whatever the real problem was too! Cheers, Sean
