A while back I had been using ubuntu on a live cd after my windows partition had been taken over by a virus, which at the time I thought had been removed by my anti virus (and then took out winlogon) and I did a system repair instead of a complete reformat because I didn't want to lose all of my files. After repairing, I noticed some things like what looked like fake "this page has been blocked based on your security preferences" on major sites like ....., myspace and facebook. I ran another virus scan with a different AV and strangely it detected a behavioural software keylogger, which after looking it up seemed to be something that could only be installed with physical access to the system, which confused me. Anyway, this is when I started to use the live CD to copy some of my music, videos, pictures etc. onto my flash drive. From what I can remember, I used this USB on my main computer without problems, but the last time I used it (few months ago) I ran a virus scan afterwards, just to feel safe and it came up with a couple java exploit trojans. This was probably just coincidence and I hadn't ran a scan in a day or two, possibly even a false positive as I noticed no decrease to system performance or any odd happenings.
So, my questions are: Is it even possible for a virus from a windows partition to copy itself to a USB flash drive on an ubuntu live cd; and is it possible (if the virus was even capable of this) if I insert the flash drive into my ubuntu computer, it could do anything like transfer across my WLAN to my windows computer, or even copy its files onto ubuntu but be unable to do anything? Which brings me to another question: if I visit a website that may contain drive-by malware or a virus of any type, is it capable of acting at all, such as even trying to transfer itself into my home folder, or does it not even recognize ubuntu at all and do nothing?
I use my ubuntu laptop at work and connect a lot of usb pen drives to my computer. Everyone else I work with use windows and I want to make sure that the usb pen drives don't contain any windows viruses so I don't spread them. The best way for this to be done would be to have the USB pen drives automatically scanned with they are inserted in my ubuntu machine. How to do this?
I have a dual boot computer. The WindowsXP "side" has been infected with a rootkit virus. So far UBUNTU has not been affected to my knowledge. I have not yet removed the virus from the WindowsXP "side". I am thinking of deleting the NTFS partition and have the computer fully dedicated to UBUNTU. Now for my question. Is there a possibility that the virus resides in the MBR and that I need to "rebuild" the MBR to actually remove the virus?
Even more extreme, should I totally re-install UBUNTU in the name of safety and precaution.
I loaded Ubuntu desktop onto my flash drive with the USB Installer For Ubuntu from [url]
I'll be placing sensitive data on the drive & need to figure out how to encrypt it. From what i've read so far, the easiest way will be to encrypt the swap, /home, tmp, temp files. Not quite sure how to do this. I'd prefer to encrypt the whole drive, but this seems quite complicated.
Is there a program like BlueProximity but works with a file on a flash drive which will lock up the computer if it does not detect a file on a flash drive. What I am wanting to do is make certain features inaccessible if the flash drive is removed so if anyone uses my computer they can't hurt anything.
Folks:What can I use to encrypt all data on my USB flash drive? If possible, could I use something that has a public Key, so I do not have to type in a password to access the information when I plug the drive into my machie, but will not open or display contant if the drive is plugged into anyone else's machine, unless they have the public key?
What should I do if I want to allow access to USB flash drive selectively - Say for e.g. All permissions for "root", "Read/Write" for user "A", Only "Read" for user "B" and user "C" shouldn't be able to access or mount (no permissions) the USB flash drive at all.Also I want to do it by modifying entries in some files or by some commands (so that it can be done programatically if needed)
I want to run Debian as a live version from my USB flash drive. Does this provide the same amount of security from hackers as installing Debian as the only OS on my netbook. Windows ce would still be on my netbook?
I have two questions regarding auto mount function of Truecrypt. First question:
I want to automatically mount my flash drive encrypted by Truecrypt using a keyfile whenever I plug the drive. How can I do this? I use Ubuntu 10.10.
Second question:
As I do not know the answer of my first question, I currently use following command in a startup script to mount my encrypted flash drive automatically at every system start-up.
My problem with this method is, Truecrypt always search for the drive in the same path saved in favorite drives list, e.g. /dev/sdb1. However sometimes there are more than one flash drive plugged to my computer and my encrypted drive's path changes. In such cases Truecrypt cannot mount my encrypted drive because it cannot find the drive in its path.
As a workaround I tried "auto-mount=devices" parameter. It is slow because it checks every mounted drive, and some of them external hard disk big in size. Moreover it does not recognize any mount point parameter. I'd like to mount the drive to the same mount point every time.
I'm quite new to Ubuntu and I am running Ubuntu Studio 10.04 . I have just installed Klam AV and had it scan my computer . I was surprised to find that it had found two 'viruses' . I don't know if anyone can help me in finding out if they are real or only false positives . The following is the output that I received .
Name of File /usr/src/fglrx-8.723.1/libfglrx_ip.a.GCC3 and GCC4 Name of Problem Heuristics.Broken.Executable Status Loose
Unable to send mail thus adjust protocol port and it worked. Things moving slow on computer. Thus ran clamtk virus scanner. It found a virus. Tried to quarantine it but not successful. Have GUI version 4.15 Antivirus engine .95.3. Virus is located at /home/kim/.mozilla-thunderbird/zrlm4cOj.default/Mail/LocalFolders/Inbox Phishing.Heristics.Email.SpoofedDomain What do I do to get rid of it?
My machine that is running Windows XP got a virus a few months ago. Keep in mind I have NEVER used Internet Explorer.
Symptoms when CONNECTED to the internet: My volume is turned down on start-up. When the volume is on the internet explorer "clicking" noise plays frequently. In task manager there are two "iexplore.exe" processes running. As soon as I kill them they will start up again. They aren't taking up copious amounts of memory, but they are still very present. If left on for long enough pop-ups will start appearing.
Symptoms when NOT CONNECTED to the internet: None.
What I've done: I've ran a handful of the free Anti-Virus programs, e.g., AVG, ComboFix, avast!, and Malwarebytes' Anti-Malware.
I have Avast Antivirus installed in Ubuntu 10.10. There are options to select folders to scan from 1. Home Directory 2. Entire system and 3. Selected folders. What are the options available to scan only selected drive. OR How to scan only USB stick.
Installed Ubuntu 9.1 karmic koala in a dualboot with Windows XP to remove a virus from the windows drive. I think the virus was found but somehow I have done something to cause a invalid drive error message at startup. I read that gparted may by a way to fix this, but I don't want to do anymore damage.
This is what is displayed when I start Gparted /home/ubuntu/Desktop/Screenshot--dev-sda - GParted.png [IMG]file:///tmp/moz-screenshot.png[/IMG][IMG]file:///tmp/moz-screenshot-1.png[/IMG]
I'm dual booting 10.04 with windows 7 and it occurs to me that I could scan the windows partition for viruses FROM linux. Is anybody doing this sort of thing? Does that make any sense?
Since Wine recognize the .exe filetype and associates itself with it, is it possible to get a virus that starts up automatically in wine or is it limited to me manually running the program?
I know Ubuntu doesn't really become the receiving end of Virus and melware but IM one of those users that proves that there are virus out there for mac and Linux.Like a few years ago (back during 8.o5 Ubuntu i think i downloaded a hefty amount of software with out considering the recourse Thus I became the receiving end of a nasty Ubuntu target virus sucked and at the time it ruined my fun so i went back to the windows virus any ways I'M looking for a virus protector that works on Linux as I tend to be Very.. *ehem...* dumb when it comes to what not to download
so ya other then avg (i had that on windows virus and its awful)also could I get an idea of things NOT to download?
I believe the name of the virus is "PC Defender 2010". This has self-installed, causing popups attempting to convince the user that there is a security flaw, and that they should upgrade to the advanced version. I have looked this up, and it is definitely a virus. The virus creates a shortcut with a target in the AppData folder named defender.exe. When I went to search for this file, after having set it to show hidden files and folder, I looked in the folder, and found nothing by the name of defender.exe. Does anyone have any ideas as to how to find this file, if it even exists, and then remove the virus all together from the computer. Ideally these solutions will be executable from Windows, as the user is rather afraid of linux.
I know that there is little need for me to install an anti-virus etc - but - I was thinking, it is a good idea to scan folders and files that I send to colleagues that run windows.Whats the best way and programme to do this? I guess I simply install an AV programme and thats it!
I believe it is a keylogger because my Facebook account has been hacked, I believe my email has as well. I heard that even if you reformat a harddrive, the virus could still sit there and apparently that is what happened to me. how to be rid of it and keep my security. I installed RKhunter and Chkrootkit. Rkhunter reports warning files while checking my filesystem. I can post a log if need be.
I used my printer without any problems using ubuntu os. As the day went surfing got slower. I lost ability to print. Went into windows os, which I haven't used for a few day, and scanned with superantispyware. A Trojan virus was found. Went back to ubuntu os and found that all printer programs had been removed.
After some time i always see a trojan virus in my ubuntu machines shared folder. It is an exe detected by ClamAv as Trojan.Autokit-77 I thought i was getting it from some windows machine on the network but that isn't the case. I deleted the virus and removed my computer from the network and still the virus comes back. My computer however, is still connected to the internet through an independent mobile broadband usb stick.
So where is the virus coming from and why is it going to my shared folder. I thought ubuntu would not allow the virus to do something like this without me giving it permission. I am running 10.4.
Lately, I've found 2-3 times an .exe file with a random name in my /home, and another data file with a random name as well. I'm a user of wine, but none of the programs that I use seems to be the cause. Last time it happened I sent it to virustotal.com, and this is the result: [URL].. So, this is clearly a virus. The two files show "nobody" in the proprietary field and "none" as group. What can I do to track down the cause? Also, telepathy-butterfly likes to hog 100% of CPU lately, and all I can do is killing it: is someone exploiting a vulnerability? if so, why the hell would he drop a win32 virus?