suspect spy ware, how do I scan and destroy spy ware ?
UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
What makes you suspect some form of spyware (ie, what evidence do you have, so far?).
Have you tried running LMD (Linux Malware Detect) and rkhunter (root kit hunter) to see if anything shows up in either of those that confirms your suspicions?
(And, be aware that 'some kind of spyware' is quite a wide filter - some people would consider Google's browser to be spyware, because it calls home at times, and I think that at one point there was an Ubuntu calling home issue, but I am unclear if that included the Ubuntu variants, such as Kubuntu, Lubuntu, Xubuntu, et and whether it is still an issue - anyway, knowing which version you have might be a step forward.)
And, assuming that it exists (is spyware, rather than something else) and is some kind of post-install ingress of spyware, you should definitely try to do whatever is possible to find out how it got in, assuming you don't want something to use the same vulnerability again to cause the same problem, or another problem, further down the line. It might be something as simple as some over-ambitious browser add-on, or it might be something altogether more nefarious - difficult to comment yet.
I'm running Lubuntu on an old desktop.
I suspect I have some form of spy ware.
What can I do to find out for sure
and destroy the spy ware if found ?
There is also clamav which is available in the Ubuntu repositories, as is rkhunter.
You did not state what version of Lubuntu you are using. Your best defense against malware is to be using an up to date version of Lubuntu that is still supported with security updates. Also be sure to only install software from trusted sources. Note that this does not include those totally unsupported and all too problem prone PPA repos that so many people manage to get themselves into trouble with.
For what it's worth, I have never heard of malware associated with those PPA repos, but be advised that those PPA repos vary greatly in quality and reliability, so use caution with them, if you use them at all.
Also, if you have been running your system as root, you need to stop doing that!
If you use Linux properly and install the security updates and only install software from trusted sources your chances of getting infected with malware are minimal.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.