LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-06-2009, 01:17 PM   #1
gardner
LQ Newbie
 
Registered: Mar 2009
Posts: 6

Rep: Reputation: 0
dual boot without anti-virus, virus now in linux


I run dual boot.

I was too lazy to install an antivirus when I formatted windows last month. When I got lots of viruses, I had to save and format again, and run anti-virus. I did that and one of the viruses (one that randomly plays sound clips) has made it into Linux, I believe. Unless it was a webpage playing the sound clip.

And now, firefox loads the first window in a weird full-screen mode where the taskbar is covered, but the menus are present. So, it's not legit fullscreen. A fella in software says it sounds hacked...


I'm a newbie. Sorry. I just hate windows. Any help?
 
Old 03-06-2009, 01:35 PM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Are you sure you don't just simply have full screen mode enabled and the navigation bar disabled?
 
Old 03-06-2009, 02:44 PM   #3
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
Install the noscript plugin for Firefox to avoid problem scripts. I wouldn't regard this as a virus however. You can also clear your cookies, and only accept cookies from select sites. Even without noscript, you can disable java & java script and only enable them for select sites. In the java script -> advanced setup you can disable resizing of existing windows.

Last edited by jschiwal; 03-06-2009 at 02:46 PM.
 
Old 03-06-2009, 02:46 PM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
I seriously doubt that, are you running FF through wine or something ?

If you're not and you find the virus, e-mail it to me, I wanna see it.
 
Old 03-06-2009, 03:26 PM   #5
gardner
LQ Newbie
 
Registered: Mar 2009
Posts: 6

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by H_TeXMeX_H View Post
I seriously doubt that, are you running FF through wine or something ?

If you're not and you find the virus, e-mail it to me, I wanna see it.
I know, but I can't explain the random rap interview that started playing the other day while on linux. It was 10 seconds, then stopped. I didn't click anything before or during.

Quote:
Originally Posted by win32sux View Post
Are you sure you don't just simply have full screen mode enabled and the navigation bar disabled?
I'm sure. I hit F11 and its different, hit it again and its back to normal.
 
Old 03-06-2009, 03:33 PM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
You should boot a live CD and scan all your GNU/Linux partitions using ClamAV (with up-to-date definitions). If the results come back negative (as I suspect they will), then we can focus on proper troubleshooting. It's hard to start troubleshooting when we've got all this virus suspicion in the air, so lets get rid of that first if we can.

BTW, please post the scan summary here for us to check out.

You probably wanna scan with the "-i" option in order to have clamscan only report infected files. Example:
Code:
clamscan -ir /mnt/hd
Remember to run freshclam before clamscan.

Last edited by win32sux; 03-06-2009 at 03:55 PM.
 
Old 03-09-2009, 11:27 AM   #7
maxut
Senior Member
 
Registered: May 2003
Location: istanbul
Distribution: debian - redhat - others
Posts: 1,188

Rep: Reputation: 50
clam is good but u may want to scan with other antivirus softwares too.
linux live cd from kaspersky:
http://dnl-eu10.kaspersky-labs.com/d...ds/RescueDisk/
linux live cd from bittdefender:
http://download.bitdefender.com/rescue_cd/

best regards
 
Old 03-09-2009, 01:01 PM   #8
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 163Reputation: 163
Quote:
Originally Posted by gardner View Post
I know, but I can't explain the random rap interview that started playing the other day while on linux. It was 10 seconds, then stopped. I didn't click anything before or during.

I'm sure. I hit F11 and its different, hit it again and its back to normal.
I'd put a higher probability on your system being compromised than you having a virus. However, running the virus scanners won't hurt anything. It also wouldn't hurt to run chkrootkit and rkhunter. When that step is done you may wish to look at completing the intruder checklist.

Last edited by rweaver; 03-09-2009 at 01:04 PM.
 
  


Reply

Tags
firefox


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Dual boot: Can a virus on windows bring down my linux partition as well? xri Linux - Security 2 09-06-2007 08:29 PM
Linux Network Boot Disk and Anti-Virus metallica1973 Linux - Networking 9 01-06-2007 07:22 AM
Anti Virus/ Anti Spam for Linux? Sp@rticus Linux - Software 3 11-18-2005 02:17 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 02:35 PM
Dual-boot question: Problems with Windows/anti-virus? Ice Dragon Linux - Newbie 6 03-15-2004 07:05 PM


All times are GMT -5. The time now is 05:18 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration