Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    virus or trojan?

    In linux binaries, in any linux distro, I've discovered the same strings which I believe may be due to a virus or trojan.

    Yet, clamav, rkhunter, chkrootkit do not detect abnormalities.

    Whether I run 'strings' on the binary files or view with vim or gedit, here is what is always seen inside the binaries:


    Followed by commands which differ within each binary.

    If, by some luck, I've downloaded a fresh Linux ISO where binaries do not include the above two strings followed by commands, after I run an update the updated binaries suddenly contain the above two strings and other, what I believe to be, rogue strings.

    I've avoided the possible infection with an OpenBSD install, yet all the Linux installations and burned ISOs contain binaries with the above two strings followed by commands.

    Google results are vague, some suggest shell backdoors, any help?

  2. #2
    I believe it has to do with GCC. Here are a couple of post about it. I just did a search of "_Jv_RegisterClasses "

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts