My Fedora 25 color went on most of my Activities panel. I ran a virus scan and found 28 different malware. Do you think I can click on the items and delete without shutting off the system? I have another hard drive and know this is the problem.
Advice: Don't enable PUA and don't scan /
There are False Positives having mono installed, for example.
Have a good one!
I wouldn't delete anything.
How do you enable PUA?
They are in the boot section and changed ISP numbers. Everything worked fine until I had a problem with a download. Basically I have to fix the problem or wipe the drive and reinstall.
Please paste a list of the files that were found by your anti-virus program.
To disable searching for PUAs, you don't say if you are running ClamAV through the command line (clamscan) or through the GUI (ClamTK). If the former, use --detect-pua=no (it's in man clamscan). If the latter, uncheck Configuration->Settings->Scan for PUAs.
What was the download that caused the problem? Can you describe that problem in more detail?
Did you make any system backups or images before the problem arose? If you did, then revert to the last one before the problem rather than having to reinstall.
I have another hard drive I'm using at the present time. I'm presently getting ideas for when I switch hard drives. I can just shut down and unplug this one and plug into the other one. The other one boots up fine but not everything works. I'm waiting until a new update is released. I'm planning to check if this is good before going further. I'm also waiting on Fedora 26 being released so I can make a new CD-ROM. I also have a Linux drive wiper CD-ROM. I've had more problems with Fedora 25 than the last few issues. Thanks for your help.
Remember that a digital computer cannot "get 'infected.'" You could catch the flu just by walking into the wrong elevator, if your immune system did not destroy the virus first. But a digital computer has no corollary to a virus. The files that comprise the core of the system should not be modifiable by any ordinary user ... and your regular login account should not be capable of gaining elevated privileges. You should be running backups to safely preserve copies of anything that a piece of rogue software could modify, and you should also be exercising due diligence.
For instance – run an "ad blocker." Those advertisements are actually computer programs, from a completely unknown source, and they could do anything while flashing pretty pictures at you.
To disable searching for PUAs, you don't say if you are running ClamAV through the command line (clamscan) or through the GUI (ClamTK).
Either method, PUA is disabled by default.
My point was most folks enable it thinking "extra" will result, and then clicky-clicky on /
Hence, my personal suggestion is always
Don't enable PUA and don't scan /
Code:
clamscan -ri $HOME
will report infected files it finds recursively.
And as a consolation prize for the OP, <wait for it>
...
clamscan doesn't actually clean.
Delete yes, clean no.
But it is still a good first step in analyzing the system for potential threats.
It's a Great Reporting tool.
I absolutely rely on it for servers.
Just sayin'
Peace.
Last edited by Habitual; 06-30-2017 at 03:43 PM.
Reason: thanks for --detect-pua=no
I plan on trying this weekend. A new kernel is available that I plan on installing.
Thanks for the info. I have to plug into this hard drive to complete this.
I ran by the command line and didn't pick up anything. Some of the problems were in the kernel. Using the normal clam from the interface showed it still in the new kernel.
I downloaded Comodo free Linux antivirus and it didn't pick up anything. The problem appears to be related to perlgtk.
I will look further tomorrow. When I used dnf update --enablerepo=updates-testing I think it changes web sites causing multiple IP addresses.
Quarantine them in case there are false positives, which is highly likely. This way you can restore them when you find out that they are not a virus.
I tried to do this but clam says I don't have permission or the hard drive isn't large enough. I have a 2T drive with more than 1/2 left available to use.
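Added example, not part of any post in this thread: a shell sketch that triages a saved clamscan report by separating PUA.-prefixed detections from the rest, and checks that a quarantine directory is writable before clamscan --move is used. The sample report lines, the log path and the $HOME/quarantine directory are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed workflow: save a report with
#   clamscan -ri --detect-pua=no --log="$HOME/clamscan.log" "$HOME"
# review it, then quarantine instead of deleting:
#   clamscan -ri --move="$HOME/quarantine" "$HOME"

# Constructed sample in clamscan's "<path>: <signature> FOUND" report format.
sample_report() {
cat <<'EOF'
/home/user/Downloads/setup.exe: PUA.Win.Packer.Upx-1 FOUND
/home/user/.cache/mono/tool.dll: PUA.Win.Packer.Generic-2 FOUND
/home/user/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 3
EOF
}

# Read a report on stdin; print "<class><TAB><signature><TAB><path>" per hit.
# Signatures starting with "PUA." are the optional, false-positive-prone set.
classify_hits() {
  awk '/ FOUND$/ {
    sub(/ FOUND$/, "")
    i = match($0, /: [^ ]+$/)          # last ": <signature>" on the line
    if (!i) next
    path = substr($0, 1, i - 1); sig = substr($0, i + 2)
    class = (sig ~ /^PUA\./) ? "pua" : "other"
    printf "%s\t%s\t%s\n", class, sig, path
  }'
}

# count_class <pua|other>: number of hits of that class in the report on stdin.
count_class() {
  classify_hits | awk -F '\t' -v c="$1" '$1 == c { n++ } END { print n + 0 }'
}

# True only if the quarantine directory can be created and written by the
# current user; clamscan --move needs write access there.
quarantine_ready() {
  mkdir -p "$1" 2>/dev/null && chmod 700 "$1" && [ -w "$1" ]
}

# Demo on the constructed sample; for a real log: classify_hits < "$HOME/clamscan.log"
sample_report | classify_hits
printf 'PUA hits: %s, other hits: %s\n' \
  "$(sample_report | count_class pua)" "$(sample_report | count_class other)"
```

Hits in the "other" class are the ones worth checking against a second scanner before anything is moved; run quarantine_ready "$HOME/quarantine" first when clamscan reports a permission problem.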