LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-18-2013, 12:37 PM   #1
xfool
Member
 
Registered: Aug 2013
Posts: 49

Rep: Reputation: Disabled
My Virus is confirmed, if I upgrade to crunchbang will the virus follow?


eee pc 900 and 701 xandros linux.

I have checked the previous threads for prior solutions and found none that matched. I have 8 screen shots of the virus directory. The virus is on my boot menu as initrd.img. When I removed the line, the Xandros 4 desk top loaded but I did not have a password. I went into file manager chose the initrd file no data even when i enabled hidden files. I found usbs enabled with data on them and no sticks inserted The virus has attached to my internet,I have a screen shot of unknown wifi. I have tried Kaspersky, AVG, Sophos and a host of other AV software- (will provide names if you need them) to no avail. I don't think this is a duplicate thread but please correct me if I am wrong. Any further information needed please ask, if it is in the console please give me the path- I am still on apt-get. I have read every tutorial, article and hand book entries - was unable to find a solution. Lastly, I do not know the name of the virus. If you can help , that would be great, if not I thank you in advance for trying.

Last edited by xfool; 09-18-2013 at 12:44 PM. Reason: typos, add hardware info
 
Old 09-18-2013, 01:08 PM   #2
joe_2000
Member
 
Registered: Jul 2012
Location: Aachen, Germany
Distribution: Void, Debian
Posts: 808

Rep: Reputation: 216Reputation: 216Reputation: 216
Hi. First: To answer the question from your title: If you reformat the complete hard drive and do a fresh install of crunchbang (or any other operating system) you should be able to get rid of any viruses you might currently have.
However, when doing that you would most likely want to backup your personal data upfront and copy it back to your computer afterwards. If any of the backed up files are infected by a virus you might get problems again.

For that reason I would recommend investigating a littlebit further before going there. (Still backing up your data would be a smart thing to do right now, ideally on a different device than the one you have used for backups before.)

Now, you are stating that your virus is "confirmed" but don't seem to know what virus you have. Could you please give us some more information on that. What exactly makes you sure that you have a virus? The symptoms you are describing sound strange but all of them are described so shortly that it's hard to follow / understand what you are seeing exactly. Example:

Quote:
Originally Posted by xfool View Post
The virus is on my boot menu as initrd.img.
What does this mean, exactly? What line do you see in the boot menu? Why do you think it is "the" virus? Have you already tried booting that boot option, and if yes, what happened? (If you did not try because it looked suspicious don't do it now, just describe why you think it is suspicous).

Similarly please elaborate more on the other symptoms. We cannot guess what you are seeing. If you have screenshots that would help, show them.
 
Old 09-18-2013, 01:28 PM   #3
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
Thank you. I do not have any personal data on either so that is not an issue. I will be happy to send you the screen shots. Sorry about the lack of needed facts. I noticed my internet was being used by another party and would not let me sign on. I went to the DOM inspector and this is where I found all the screen shots I am sending you.
They are on my other computer please have patience while I sign in an send- thank
 
Old 09-18-2013, 01:32 PM   #4
joe_2000
Member
 
Registered: Jul 2012
Location: Aachen, Germany
Distribution: Void, Debian
Posts: 808

Rep: Reputation: 216Reputation: 216Reputation: 216
If you don't have any data on that machine that needs to be saved then making a fresh install is probably the easiest way to fix your problems... IF they are really caused by a virus. You may want to check from within a live system (crunchbang would work for this) to see if you are experiencing similar problems - which would indicate hardware problems. (Again I am only guessing here)

EDIT: If you do make a fresh install make sure to wipe the entire hard drive, not only the OS partition. By the way I also don't understand how DOM inspector fits into all of this. As far as I understand this is a Firefox add-in for web development?!?

Last edited by joe_2000; 09-18-2013 at 01:36 PM.
 
Old 09-18-2013, 01:40 PM   #5
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
here we go
 
Old 09-18-2013, 01:41 PM   #6
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
Are you getting them?
 
Old 09-18-2013, 01:45 PM   #7
joe_2000
Member
 
Registered: Jul 2012
Location: Aachen, Germany
Distribution: Void, Debian
Posts: 808

Rep: Reputation: 216Reputation: 216Reputation: 216
Quote:
Originally Posted by xfool View Post
Are you getting them?
Erm, no... :-(
I think you need to use the attach files options. Never done it myself
 
Old 09-18-2013, 01:47 PM   #8
joe_2000
Member
 
Registered: Jul 2012
Location: Aachen, Germany
Distribution: Void, Debian
Posts: 808

Rep: Reputation: 216Reputation: 216Reputation: 216
Just testing the screenshot upload feature

EDIT: Yes, that's it. Click "Manage Attachments", then hit the browse button. Select the file, then hit the upload button. That should upload the file. Note that there are some restrictions on file size and type...
Attached Thumbnails
Click image for larger version

Name:	Test_screenshot.png
Views:	47
Size:	9.1 KB
ID:	13458  

Last edited by joe_2000; 09-18-2013 at 01:49 PM.
 
Old 09-18-2013, 02:23 PM   #9
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
sorry I have a few more as well that might help[/QUOTE] is giving me errors- should I try a web album?
 
Old 09-18-2013, 02:32 PM   #10
joe_2000
Member
 
Registered: Jul 2012
Location: Aachen, Germany
Distribution: Void, Debian
Posts: 808

Rep: Reputation: 216Reputation: 216Reputation: 216
QUOTE is not what you should be using. See attached screenshot that shows the button to use... It shows up below the text box where you can type your message
Attached Thumbnails
Click image for larger version

Name:	Screenshot - 09182013 - 08:29:18 PM.png
Views:	39
Size:	44.1 KB
ID:	13459  

Last edited by joe_2000; 09-18-2013 at 02:34 PM.
 
Old 09-18-2013, 03:04 PM   #11
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
I know, the quote ws an accident the problem is I have to change the extentions to .pdf here's th 1st- lt me know if it goes thru. It keeps saying invalid file
 
Old 09-18-2013, 03:17 PM   #12
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
I simply can't get this to go thru..I am going to put it on a stick and send it from my android---be a few
 
Old 09-18-2013, 04:29 PM   #13
rokytnji
Senior Member
 
Registered: Mar 2008
Location: Waaaaay out West Texas
Distribution: AntiX 15 , Slackel 14.1, ChromeOS
Posts: 4,701
Blog Entries: 19

Rep: Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960Reputation: 1960
Having a dual drive eeepc 900 and a 701SD.

Dump Xandros. Delete all Partitions. Reformat Phison SSD drives as ext2 file system (They are cheap and flaky ssd drives and better safe than sorry)

If the 900 is dual drive (4 gig/ 16 gig ssd) Install crunchbang to the 16 gig ssd and use the primisary 4 gig as storage (like a internal pendrive)

You did not give the ssd drive size of the 701, which came in 2,4,or 8 gig ssd drive models, so until you do. Hard to advise on what to do with that one.

My eeepc 701SD is a 8 gig model and runs AntiX 13.1 just fine. My 900 runs the same distro.
Crunchbang is just fine to run also on those. Unless this virus is a bios rootkit. Deleting and reformatting partitions and installing Crunchbang should be enough to get rid of it.

If wanting old outdate backup Xandros Iso

http://sourceforge.net/projects/eeecommunity/

I keep one around in case I want to sell my eeepc with the original operating system but I recommend using a current supported Linux distro first, as eeepc Xandros is based on Debian Etch.
 
Old 09-18-2013, 04:46 PM   #14
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,004

Rep: Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620Reputation: 1620
Why is it that nobody who posts that they have a virus posts any evidence of it or explanations?
xfool, no need for screenshots:
Who told you you have a virus and what did they say?
Which virus did the anti-virus software you used tell you you have?
What are they symptoms of this virus?

Personally, I agree with rokytnji about replacing Xandros as it was horrible when it came out and is even worse now it's no longer supported.
The reasons I asked about the virus though is if you don't stop panicking and start thinking logically about these things then next week, when whichever Linux version it is you install has a glitch during install, you'll think you've a killer virus and burn your house down to rid yourself of it instead of just taking the time to read error messages, google and ask things clearly here.
 
Old 09-18-2013, 04:56 PM   #15
xfool
Member
 
Registered: Aug 2013
Posts: 49

Original Poster
Rep: Reputation: Disabled
No wonder it gives an error that states sum total of attachments owned by xfool is zero I am going to log in as dfool
 
  


Reply

Tags
security breach


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft Virus Removal... (Virus Live CD) Nathan1993 Linux - Distributions 7 04-06-2011 07:55 PM
dual boot without anti-virus, virus now in linux gardner Linux - Security 7 03-09-2009 02:01 PM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 03:35 PM
trend chipway virus detected boot virus rafc Linux - Security 1 05-13-2004 02:44 AM


All times are GMT -5. The time now is 05:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration