linux virus "aMuler" ?
 

Hi All,

I just found out that my Linux box might be infected with a virus, it all started when I tried to do an “ls” on my terminal, instead listing the files in the “dir” it logged me out, I reinstalled the terminal emulator which is “rxvt” still the same thing. A couple of hours later all of my terminals where having the same behavior. Then I tried shutting down X and doing “ls” from the console same thing it would log me out. The strangest thing that happened, that convinced me of “IT” being a virus was that it started rebuting on its own, whit messages like “message from root aMuleR – EO”. Does anybody have a clue of what it is and how to remove it.


Thanks in advance.

P.S: Yes I do have “aMule” installed and I probably cached the virus while downloading stuff whit it.

are you able to install and run f-prot or other av software?

Yes I'm using bitDefender.Just finished the scan and it didn't find anything. Maybe it is not a virus maybe someone made some sort of an attack, which I doubt because i checked the log files and did not find anything strange.

That doesn't mean anything these days. A careful hacker (or for that matter a skiddie attacking a system with the usual "default" settings) will erase any traces of their entrance into your system. I think you've been had... time to reinstall and patch software. :)

Well I would check for root kits... but in the end you will need to do a full reinstall just to be safe.

Boot off a Live CD, backup your important data to another drive or CDs, and then nuke your partition.

Reinstall and you're good to go.

Remember to keep up-to-date with your distro.