LinuxQuestions.org
Old 03-16-2016, 09:44 PM   #1
apples45
Member
 
Registered: Mar 2016
Posts: 43

Rep: Reputation: Disabled
Virus on Ubuntu 14.04


I have a virus or someone has hacked my computer with a USB device and is swapping and deleting my files. There are at least 4 unknown guests in my computer. I am missing files. It says I don't have the authority to remove the programs, as I have been trying for weeks. Please help. I am not real computer savvy, a friend put this on my system to prevent a security breach. This is a home PC. This would be done by someone personal looking to watch my account, or find things to use against me in court.

I appreciate any help. It may be cryptovirus and someone said it was from attaching an android phone and manipulating the files, which I haven't done. I had a "friend" tell me to download some anti-malware software and it said there were 19 files I have labeled as "quarantine". However, the majority of the problem is still here.

Thank you.

Last edited by unSpawn; 03-19-2016 at 05:44 AM. Reason: //Email address removed. No need to post it.
 
Old 03-17-2016, 02:09 PM   #2
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Quote:
Originally Posted by apples45
a friend put this on my system to prevent a security breach.
Put what on the system exactly?
 
1 members found this post helpful.
Old 03-18-2016, 05:44 PM   #3
offgridguy
Senior Member
 
Registered: Nov 2015
Location: Alberta Canada
Distribution: Windows10, Debian
Posts: 1,109

Rep: Reputation: 147
Welcome to the forum. This sounds like you have a problem with someone who has personal access to your computer?
 
1 members found this post helpful.
Old 03-18-2016, 07:59 PM   #4
timl
Member
 
Registered: Jan 2009
Location: Sydney, Australia
Distribution: Fedora,CentOS
Posts: 750

Rep: Reputation: 156
First of all, can you pull out your ethernet cable? This stops other users getting in.
Next, back up your personal data.

You can then choose to reinstall Ubuntu (you will get plenty of help here) or whether to address the unknown problem. Let us know.
 
Old 03-18-2016, 08:46 PM   #5
ardvark71
LQ Veteran
 
Registered: Feb 2015
Location: USA
Distribution: Lubuntu 14.04, 22.04, Windows 8.1 and 10
Posts: 6,282
Blog Entries: 4

Rep: Reputation: 842
Hi apples45...

Welcome to the forum

Just as a suggestion, you might want to remove your e-mail address, lest your email inbox ends up with a boatload of SPAM in the very near future.

Regards...
 
Old 03-19-2016, 06:18 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by apples45
I am not real computer savvy (..) I have been trying for weeks
...then take a deep breath and be prepared to answer some questions first. You may find there's no breach of security and the problem can be fixed given enough knowledge and time. (And maybe a backup?)


Quote:
Originally Posted by apples45
This would be done by someone personal looking to watch my account, or find things to use against me in court.
...also do not unduly interpret things: focus on getting the technical details to us first.


Quote:
Originally Posted by apples45
I have a virus or someone has hacked my computer with a USB device and is swapping and deleting my files. There are at least 4 unknown guests in my computer. I am missing files. It says I don't have the authority to remove the programs, as I have been trying for weeks.
- What makes you think the cause was "a USB device"?
- What software installs or updates, system or service reconfiguration happened weeks ago?
- What symptoms showed up when you first noticed problems weeks ago?
- What files are missing? List them?


Quote:
Originally Posted by apples45
I had a "friend" tell me to download some anti-malware software and it said there were 19 files I have labeled as "quarantine".
- List the product used and the file names?

Also check your log files in /var/log for errors and post anything else you think is relevant: the more (detailed!) technical information the better.
 
1 members found this post helpful.
Old 03-19-2016, 06:30 AM   #7
przemo
Member
 
Registered: Feb 2016
Location: cork.ie
Distribution: Slackware-current
Posts: 162

Rep: Reputation: Disabled
Code:
ls -al /home
http://www.thegeekstuff.com/2009/03/...-linux-system/

Last edited by przemo; 03-19-2016 at 06:34 AM.
 
1 members found this post helpful.
Old 03-21-2016, 05:30 PM   #8
apples45
Member
 
Registered: Mar 2016
Posts: 43

Original Poster
Rep: Reputation: Disabled
The problem was noticed after I was looking at some questionable websites. However, that's when I noticed it. I don't have authority to access my backup cache and there are usually 4 unknown guests logged into my system at a time. I have turned off my wifi unless I am using it to see if that helps. I don't have anything incredibly private, it's just annoying that there are so many users and it's slowing my system down. And further, I can't access the histories of these other users; I don't have authority. Someone mentioned this could be from plugging in an Android device, in which case, why are they accessing my computer on a regular?

Does installing GNOME have anything to do with this? Something about freedesktop manager, and syncing file systems. I didn't have an Android phone until way after this began.
 
Old 03-21-2016, 05:32 PM   #9
apples45
Member
 
Registered: Mar 2016
Posts: 43

Original Poster
Rep: Reputation: Disabled
Who am I supposedly "swapping" with? If this is stuff I've never noticed before that is normal, let me know. I get excited about things that may be nothing.
 
Old 03-21-2016, 05:36 PM   #10
apples45
Member
 
Registered: Mar 2016
Posts: 43

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by przemo
tara@Tara-Laptop:~$ ls -al /home
total 16
drwxr-xr-x 4 root root 4096 Jan 20 2015 .
drwxr-xr-x 25 root root 4096 Mar 1 22:04 ..
drwxr-xr-x 23 guest guest 4096 Mar 17 00:29 guest
drwxr-xr-x 37 tara tara 4096 Mar 21 17:35 tara
 
Old 03-21-2016, 06:12 PM   #11
przemo
Member
 
Registered: Feb 2016
Location: cork.ie
Distribution: Slackware-current
Posts: 162

Rep: Reputation: Disabled
Did you create the guest account???
Who is guest????
 
Old 03-21-2016, 10:35 PM   #12
apples45
Member
 
Registered: Mar 2016
Posts: 43

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by przemo
Did you create the guest account???
Who is guest????
I know the guest. He would have had to install something, which is unlikely, or it's something I got from being online. How do I know if this is serious, or if it's just from plugging things in ... I just don't understand who and why people are logging in when I'm not even home. The only guest should be the one I know about, right?
 
Old 03-22-2016, 01:25 AM   #13
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by apples45
it's just annoying that there are so many users and it's slowing my system down.
You're likely new to Linux? As in you are interpreting things? Linux uses something called separation of privileges, meaning there will always be different processes shown to be running by different users. I suggest you run this from a terminal window and post the output:
Code:
\ps axf; lastlog; last -wai30; sudo grep -v '^#' -r /etc/sudoers*; getent passwd;
and read some basic documentation about how Linux works.
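
Added example, not part of unSpawn's post: the `getent passwd` output requested above lists every account on the machine, and many of those are service accounts rather than people. This sketch sorts passwd-format lines into root, service and human logins; the sample lines and their UID values are constructed, and `UID_MIN=1000` is assumed as the Debian/Ubuntu default.

```sh
#!/bin/sh
# Added example: sort passwd(5) entries into root, service and human accounts.
# UID_MIN=1000 is assumed (the Debian/Ubuntu default in /etc/login.defs).
UID_MIN=1000

# Reads "name:pw:uid:gid:gecos:home:shell" lines on stdin and prints
# "class name uid shell" for each one.
classify_accounts() {
    awk -F: -v min="$UID_MIN" '
        NF < 7 || /^#/ { next }                  # skip malformed lines
        {
            # An empty shell field means /bin/sh, so it counts as a login shell.
            login = ($7 !~ /(nologin|false)$/)
            if ($3 == 0 && $1 != "root")                class = "EXTRA-UID0"
            else if ($3 == 0)                           class = "root"
            else if ($3 >= min && $3 != 65534 && login) class = "human"
            else if (login)                             class = "system-with-shell"
            else                                        class = "service"
            print class, $1, $3, $7
        }'
}

# Constructed sample. On a real system: getent passwd | classify_accounts
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
syslog:x:101:104::/home/syslog:/bin/false
pulse:x:112:119:PulseAudio daemon,,,:/var/run/pulse:/bin/false
tara:x:1000:1000:Tara,,,:/home/tara:/bin/bash
guest:x:1001:1001:,,,:/home/guest:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
EOF
}

sample_passwd | classify_accounts
```

Lines classed as `service` are accounts that daemons run under and cannot log in; `EXTRA-UID0` and `system-with-shell` entries are the ones worth a closer look.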
 
Old 03-22-2016, 04:50 AM   #14
przemo
Member
 
Registered: Feb 2016
Location: cork.ie
Distribution: Slackware-current
Posts: 162

Rep: Reputation: Disabled
Basically, if you did not create the guest account, that means someone did, with root privileges. If someone besides you has root access that you did not grant, that's the worst case. I recommend reinstalling, creating new passwords and setting up iptables.

Last edited by przemo; 03-22-2016 at 04:51 AM.
 
Old 03-22-2016, 06:47 AM   #15
apples45
Member
 
Registered: Mar 2016
Posts: 43

Original Poster
Rep: Reputation: Disabled
unSpawn and przemo...

I am Tara. There should be one guest. There are several that seem to have unlimited access. I have noticed numerous programs show up that I do not remember installing, though I could have. Most unnerving is there seems to be a theme about access to audio or something? Could you please explain the language. I will attempt to find something that legitimately shows my concern.

I could very well be interpreting things. I do take medication. However, the fact that I no longer have authority to access my files makes me wonder. There are several "files systems" I'm concerned about... I ran the command line:

Quote:
\ps axf; lastlog; last -wai30; sudo grep -v '^#' -r /etc/sudoers*; getent passwd;

I attached what it says. Just let me know if there is someone accessing my files please. If so I have more questions. I have been trying to make adjustments over the last month but things haven't changed terribly. If this is in my head, as many things are, then I thank you for your patience.
Attached Files
File Type: txt 1.txt (15.7 KB, 60 views)

Last edited by apples45; 03-22-2016 at 06:53 AM. Reason: too long
 
  

