spyware detection/removal

[bohemian2]

I rent a room to a talented techie who I recently found out was being deceptive on several counts. I accidently left my laptop in the livingroom and today when I fetched it, it initially didn't recognize my password, did some funny stuff and then when I logged in as guest it said something about releasing spyware....(happened really fast so hard to remember all it said) before it flashed on the normal guest screen.

How can I check/scan for spyware and are there any settings I can set that will help me protect it in the future or notifiy me if something fishy has happened? Also, how can I reset my password for my initial user login? I bought my toughbook 2nd hand and don't really know how to get into the administrator settings to change my login password. I am also not a techie, but very supportive of opensource everything (I am a strong activist) and wouldn't leave ubuntu for the world!

I also want to know how to set up the best protection possible in regards to keeping my emails and what I search private and erased each time.

I suppose the spyware detection/removal is the first priority.

All help is much appreciated!

[oldos2er]

Moved to Security Discussions.

[ventrical]

I rent a room to a talented techie who I recently found out was being deceptive on several counts. I accidently left my laptop in the livingroom and today when I fetched it, it initially didn't recognize my password, did some funny stuff and then when I logged in as guest it said something about releasing spyware....(happened really fast so hard to remember all it said) before it flashed on the normal guest screen.

How can I check/scan for spyware and are there any settings I can set that will help me protect it in the future or notifiy me if something fishy has happened? Also, how can I reset my password for my initial user login? I bought my toughbook 2nd hand and don't really know how to get into the administrator settings to change my login password. I am also not a techie, but very supportive of opensource everything (I am a strong activist) and wouldn't leave ubuntu for the world!

I also want to know how to set up the best protection possible in regards to keeping my emails and what I search private and erased each time.

I suppose the spyware detection/removal is the first priority.

All help is much appreciated!

What version of ubuntu are you using?

2. I always use the log on with password option when I do a fresh install. Also, you can make another account (if you have to original password of your current account) grant admin privlidges and then go from there.

[SeijiSensei]

1) Assume that the machine has been compromised and reinstall the OS from scratch.

2) Use a BIOS password.

3) Find a new tenant.

[3rdalbum]

The machine saying "Releasing spyware" on login is like a murderer wearing a shirt that says "I'm about to kill somebody". It's not going to happen, because that would just be plain dumb.

Frankly I can't say I believe this story, but if anybody suspects their computer has been messed with by somebody with malicious intent, they should reinstall the operating system.

[unspawn]

I am also not a techie

If that's the case then with all due respect could it be you just misread the signs? Could it be you fat fingered your password? Caps lock?

I suppose the spyware detection/removal is the first priority

If you suspect your machine is compromised then you want to allay those fears by investigating the extent of the damage yourself (or have somebody knowledgeable investigate it for you), then restore the machine to working order and then strengthen its security posture. If you're not able to investigate things yourself then you at least could boot a (any) Live CD and write an image of the disk to a file on removable media like a SATA / USB or whatever else disk or stick as long as it has enough free disk space. I'll hold off replying to the rest of your questions for when you've indicated if you want to investigate this properly or not.

*Note that re-installing the OS from scratch without first saving evidence is the single, best way to aid an attacker because you'll be wiping evidence for him.

[SeijiSensei]

Note that re-installing the OS from scratch without first saving evidence is the single, best way to aid an attacker because you'll be wiping evidence for him.

You say that like the OP is going to haul his tenant into court. Who is going to be analyzing this "evidence?" For what purpose? I suppose if they have a signed lease with a "bad behavior" clause to protect the OP there could be some kind of legal proceeding, but if this is a "tenant-at-will" arrangement, or one without a signed lease, attorneys and courts seem an unlikely future path.

[OrangeCrate]

I rent a room to a talented techie who I recently found out was being deceptive on several counts. I accidently left my laptop in the livingroom and today when I fetched it, it initially didn't recognize my password, did some funny stuff and then when I logged in as guest it said something about releasing spyware....(happened really fast so hard to remember all it said) before it flashed on the normal guest screen.

How can I check/scan for spyware and are there any settings I can set that will help me protect it in the future or notifiy me if something fishy has happened? Also, how can I reset my password for my initial user login? I bought my toughbook 2nd hand and don't really know how to get into the administrator settings to change my login password. I am also not a techie, but very supportive of opensource everything (I am a strong activist) and wouldn't leave ubuntu for the world!

I also want to know how to set up the best protection possible in regards to keeping my emails and what I search private and erased each time.

I suppose the spyware detection/removal is the first priority.

All help is much appreciated!

As others have said, reinstalling is most likely your best bet (that's what I would do, without hesitation). If you want to be really really sure, nothing happened to your computer, you could nuke the hard drive prior to reinstallation...

http://www.dban.org/

[unspawn]

You say that like the OP is going to haul his tenant into court.

You're certainly free to interpret what I have said.

Who is going to be analyzing this "evidence?"

I'd prefer the OP with help from this community.

For what purpose?

Simply to be able to tell if something is amiss or not.
I prefer to see people act based on [I]facts[I], not fiction.
After all what's a problem if you can't or won't analyze it properly?