help with a nasty virus/mail ware bug
Can a windows virus that is on the hd cache be put on a ubuntu hd cache. The fallowing has my story.
My wife received a nasty virus on her laptop. The symptom is she was unable to get it out of safe mode. She had to restart the laptop, and when it booted up it said win did not shut down properly. Well it has gotten to the point that the only way to get it past boot. Is to have it shut down for a period amount of time. When I restart the laptop it either can not go past boot, but if it can it just hangs their. Well I wondered what will happen if I plug the Ethernet cable in. Well that is when it infected my win desktop. Then my desktop started to do the same thing. I scanned for virus and mail ware, and nothing came up. So I zeroed out the hard drive with seatools, took out the cmos battery, and reset my cmos. I did the ecaxt same thing to my ubuntu machine. Well it looks like I did not get rid of it. So I am thinking the bug must of attached itself to the hard drive cache. I am wondering if my Ubuntu machine has the same thing? I hate to replace the hard drive, and when I connect it to my net work it would effect my win desktop. The ubuntu machine is acting fine. |
No Windows virus can run on Linux, two completely different systems. The runtime DLLs that it would need are not there. If it's in the MBR it may mean a new hard drive, zeroing it out won't work. A low-level format might. Hard to offer more without know what virus it is.
... |
Quote:
|
Quote:
|
Quote:
I will try it when I get home. Some one hear at work said it may be a bad hard drive. I know that their is a tool on Ubuntu that can check the S.M.A.R.T. to see if their is any bad sectors. Can't remember what it is called. |
I was thinking. Could a bug write itself to a cable modem? I know it could write itself to a router.
|
Routers have interfaces you can reach.
Cable modems are less "friendly", so I'm saying "no" here. I could be wrong. If nothing boots, then I suspect the MBR got scrambled. |
I ran out of time while I was writing this originally, and could not proofread what I put down. I forgot to mention. I re installed windows. It acted fine until I started to do the updates. Then it started to do the same symptoms. When I ran IE to get chrome and my other software. The pc just froze. Earlier I did re set my router by putting a paperclip in the reset button hole. I did run a program to supposedly fix the MBR from the installation cd. So if gparted does not fix the issue. I am guessing it may be hanging around my cable modem. Hopefully the cable modem has a reset option like the router. Well two more hours until I get home. Hopefully my wife does not need mt to do something. I will keep you all posted.
|
Quote:
|
I'd recommend asking the Mods via the Report button to move this to Security for deeper analysis/answers.
This Quote:
|
Get hiren's boot cd it has plenty of AV tools that run from cd, also if you refomat hdd from live-cd any virus is already eliminated so there would be no reason to run Av from live-cd all though if paranoid you can. I just had a wins computer with the Alura virus which is quite difficult to get rid of.
I had to run bit defender from live-cd to cure it. |
I believe it is the hard drive. I ran a handful of updates at a time, and it was fine. Then when I continued to do the updates. I ran into my situation. When I checked the SMART from ubuntu boot cd. It said it was not activated. However it was activated in the BIOS. So I believe that it is trying to write something to a bad sector causing my issue.
I just found out that my wife's laptop was dropped a couple of times. So it was coincidence that both of them crapped out about the same time. Making me think that it was a virus. Thank you all for helping. |
ok folks. I thought I had this nipped in the butt. However I do not. A person at work lent me a hard drive until I can get mine replaced. I installed the windows updates just fine, and it ran fine. Until shortly after I put the window machine on my Lan. Then shortly after it started to act up. I went to change the screen saver, and my mouse went really slow. Then the pc locked up.
I have a fresh install of Ubuntu on my server. I ran rkhunter, and it said it was ok. However it had a warning. The warning was Hidden directory found: '/dev/.udev' and 'dev/.initramfs' I did remove both of the directories. Then continued to reboot. Ran rkhunter again and it came up with the found directories. Ummm before the reboot it also found some files that I was successful of getting rid of. |
stop deleting stuff.
Read the screen, carefully. update rkhunter |
If your saying that your security software running on a Unix filesystem found rootkits, I find that highly suspect. I'm not aware of any rootkits running in the wild that affect Linux. Most of the ones that have been shown are proof-of-concept more than anything. The only way you could be infected would be if your install media was infected, or your software sources were infected. I also fail to see how it would affect Windows, unless you in fact have multiple infections for both systems. There are rootkits that affect firmware and BIOS chips, that can actually survive hard drive replacements and system reinstalls.
|
All times are GMT -5. The time now is 01:48 AM. |