Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Virus

  1. #1
    Join Date
    Oct 2011
    Beans
    45

    Virus

    When restarting my system I get a flash of a modal box on my screen which usually means a virus may be executing. Are there any known viruses for ubuntu and how should one get rid of them? Thank you. ALvin....

  2. #2
    Join Date
    Jul 2005
    Location
    England
    Beans
    Hidden!

    Re: Virus

    I don't understand. What exactly is the modal box and why do you think it may be a virus.

    There are no viruses in the wild for Linux, so I think you can probably rest easy about that, but tell us more about what you actually see when you restart.
    DISTRO: Xubuntu 14.04-64bit --- Code-tags --- Boot-Repair --- Grub2 wiki & Grub2 Basics --- RootSudo

  3. #3
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    6,028
    Distro
    Xubuntu 15.10 Wily Werewolf

    Re: Virus

    I get a flash of what might be a dialog box as I restart my laptop quite often - it shows for a fraction of a second as it is shutting down. I suspect that in my case it is something that normally lives in the system tray with its window hidden, possibly gigolo. Or maybe it is a brief flash of the lightdm login dialog, I'm really not sure. If this is what you are seeing, I think you can assume it's not a virus. I don't understand why you say it is modal though.

    ajgreeny: A modal dialog is one that stands in front of the main application window, preventing you from using the main application window until the modal dialog window is closed again. Quite often it is an "Are you sure" type question or some kind of warning.

  4. #4
    Join Date
    Oct 2011
    Beans
    45

    Re: Virus

    My understanding of a modal box is any box that appears at the front of a screen usually displaying a message and must be cleared before you can proceed. The box in this case clears itself as its operation has executed. In windows these are cmd line dialog boxes that the virus uses to start itself. Its not a flash of the screen and it is definitely a modal box at the start of the session not at the end. Is there any virus eradicating softwsre for linux? clam?
    Last edited by schmitta; October 30th, 2013 at 09:56 PM.

  5. #5
    Join Date
    Jan 2011
    Location
    KS, USA - OK, USA
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Virus

    Ubuntu, or rather Plymouth, is not recognizing that it needs to NOT display what is going on behind the scenes. It is just displaying what exactly it is doing, this is beneficial to see if any errors are going on. Such as on my system whenever I start/shutdown it tells me that KVM is disabled in the Bios among other settings I have made that it wasn't expecting. Don't worry nothing insecure is going on with your system from what you have told us. Linux runs a pretty awesome system of virus protection, the need to type your password to run just about ANYTHING on your system. So, as long as you haven't set yourself in a root-only login (not easy to do) you're fine.

    TL;DR

    No virus, just telling you what's going on; albeit really quickly.
    System Specs: Processor:Intel® Core™ i7-2640M CPU @ 2.80GHz × 4 Graphics:nVidia Quadro 2000m RAM: 8 GB

    Ubuntu User: 34379

  6. #6
    Join Date
    Jan 2011
    Location
    KS, USA - OK, USA
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Virus

    Quote Originally Posted by schmitta View Post
    My understanding of a modal box is any box that appears at the front of a screen usually displaying a message and must be cleared before you can proceed. The box in this case clears itself as its operation has executed. In windows these are cmd line dialog boxes that the virus uses to start itself. Its not a flash of the screen and it is definitely a modal box at the start of the session not at the end. Is there any virus eradicating softwsre for linux? clam?
    Whoops sorry didn't see this. Here's a list taken from Ubuntu (other than Clam I should add):


    • Avast! Linux Home Edition. More information about Avast! at wikipedia and an install guide at UbuntuGeek. Avast's product key didn't work so we contacted the company & are awaiting their response.
    • AVG Antivirus. AVG is popular in Windows. Like most antivirus programs it detects infected files but doesn't remove the infections. Unusually though, it also doesn't move infected files to a quarantine folder. There is a more detailed page about Avg in Ubuntu.
    • Avira Antivirus. Requires Java to use the GUI.
    • BitDefender Antivirus. Limited time trial version available apparently but only after filling in a form. BitDefender checks for Windows viruses. There is a community documentation page about it here.
    • Panda Antivirus. I didn't check this one but it appears to be old and no longer maintained. It used to have some unique & awesome features
    • F-PROT Antivirus for Workstations (home users). Free for personal use. GUI front-ends are available, but may require some manual work. e.g. XFProt. I have not tried the GUI front-ends.
    • Wiki list
    System Specs: Processor:Intel® Core™ i7-2640M CPU @ 2.80GHz × 4 Graphics:nVidia Quadro 2000m RAM: 8 GB

    Ubuntu User: 34379

  7. #7
    Join Date
    May 2009
    Location
    Indiana
    Beans
    1,965
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Virus

    If you had a hypothetical virus, it hypothetically wouldn't need to launch a visible terminal to work in the background. The real question is how you could have ended up with a malicious executable in your system. Have you added unscrupulous software sources? Do you carelessly set files you download as executable? Did you make Ubuntu listen on ports unnecessarily and not set up a firewall?
    Jane, stop this crazy thing!

  8. #8
    Join Date
    Jul 2005
    Location
    England
    Beans
    Hidden!

    Re: Virus

    Quote Originally Posted by The Cog View Post
    ajgreeny: A modal dialog is one that stands in front of the main application window, preventing you from using the main application window until the modal dialog window is closed again. Quite often it is an "Are you sure" type question or some kind of warning.
    Yes, thanks. A quick search soon told me the answer to my own question. However, I still believe that the OP is worrying unnecessarily about having a virus that is affecting the ubuntu OS.
    DISTRO: Xubuntu 14.04-64bit --- Code-tags --- Boot-Repair --- Grub2 wiki & Grub2 Basics --- RootSudo

  9. #9
    Join Date
    Mar 2011
    Location
    19th Hole
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Virus

    At the risk of burying you in information overload, here are my two-pennies:

    1. People coming to Linux from Windows are usually absurdly over-sensitive about viruses and yet completely desensitized to real security concerns. Windows has conditioned them into thinking of Windows' deficiencies as normal.
    2. It is extremely difficult to catch a virus in Linux. You almost have to consciously install one. There are no viruses in the wild and AV software is a waste of time, money, computing resources, and most importantly, a diversion of proper focus. You should be doing a lot of other things to protect yourself, but the AV con-game is not one of them.
    3. Although viruses are insignificant, things like Trojans and rootkits (which require you to actively do something stupid to get them installed) are a real danger. If you have lousy password habits, install programs promiscuously, neglect to harden your browser, don't stay updated, or generally think of security as a software fix rather than good habits and judicious conduct, then you are at risk. Since you are posting about your security concerns in the first place, it doesn't seem like you fall into this category.
    4. A lot of screen flashing, etc does happen in the bootup/shutdown process. A piece of malware is unlikely to be written so shoddily as to make its presence known in this way. They are creatures of stealth and don't advertise their presence. The really nasty ones will even cover their tracks in your logs.
    5. If you are truly interested in Linux security, then you will make sure of the following before wasting your time hunting for viruses:

    A. Practice good authentication habits. This means logging in with passwords instead of the truly idiotic Windows convention that bypasses the challenge/response process and encourages people to be lazy pathetic bums. And even then, use high-entropy passphrases instead of easy-to-crack passwords.
    B. Encrypt your private data directories or even your whole /home directory using LUKS or ecryptfs. This is completely predicated on (A) above and is obviously pointless without login authentication.
    C. Do not activate the root account. Use sudo only when absolutely necessary and only if you know precisely why you are doing so.
    D. Read and understand your logs regularly and as a matter of habit.
    E. Activate your firewall with UFW or its graphical equivalent GUFW. Open only the minimal necessary ports for productive functionality, both incoming and outgoing. Preferably, open nothing incoming.
    F. Create apparmor profiles for all apps facing the internet, that have access to system resources, or that are known attack vectors (like CUPS, SSH, VNC, etc).
    G. Turn off all unnecessary services/modules/drivers and run only the minimal number needed for functionality. (e.g. I turn off bluetooth on my devices and use safer workarounds.)
    H. Don't add PPAs as if you were swallowing candy (the way some people do) and use only software from the repositories. More advanced users will compile outside software and even their own kernels, but they presumably know what they are doing and have done all of their background checks. However, even among Linux veterans, this is a known attack vector for worms and trojans.
    I. Harden your browser with adblock, noscript, better privacy, WOT and a cooking manager.
    J. Remove Java and Flash if you don't need them.
    K. Better still, use a primitive browser incapable of cookies or scripting (like links2) for your everyday browsing.
    L. Always stay updated, and never run obsolete out-of-support OSes.
    M. Don't be stupid.

    The above practices will not render you immune, but they will go a long way to making you too difficult for most crackers to bother with. And you will note that AV apps don't make a single appearance in any of the above. Of all these measures, it is (M) that is most important. Nothing will protect you from the consequences of your own stupidity. If you download an app from i-own-you.com and then install it with sudo just because you like that cute kitten that shows up on your system tray, then you are the author of your own tragedy and no combination of software or safeguards will protect you.

    The subject of security is vast and has its own subforum on this site. There are further measures that advanced users can take from port scanning to rootkit checking. However, this would be putting the cart before the horse with most users. There's no point in learning how to use snort if you can't even be bothered to authenticate at login.

    If you want to learn about security the right way, read the stickies in the security subforum and read everything in the following links:

    Basic Security:

    https://wiki.ubuntu.com/BasicSecurity
    http://www.psychocats.net/ubuntu/security
    https://sites.google.com/site/easyli...oject/security

    Advanced Security:

    https://help.ubuntu.com/community/Security
    all stickies in:
    http://ubuntuforums.org/forumdisplay.php?f=338
    in particular:
    http://ubuntuforums.org/showthread.php?t=510812
    and anything by bodhi.zazen, Dangertux, Ms Daisy

  10. #10
    Join Date
    Sep 2008
    Location
    Chicago
    Beans
    Hidden!
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Virus

    DuckHook has written a brilliant summary of security in Linux. Every newbie I've helped asks, "Where's the anti-virus?" Explaining why an AV is not needed always provokes shifty-eyed looks. Windows has so mercilessly corrupted computing that it is the Basic of OSes. Just as Basic almost forces a user to use gotos and other bad programming practices, so Windows forces newbies into the Microsoft paradigm-du-jour: first there was COM, then came OLE, followed by ActiveX. Each did essentially the same as its predecessor, but cost more because who would have shelled out $200 or thereabouts for an operating system that could't claim new! and improved! -- few indeed I'm sure. That's the Windows problem: it must be the Jolly Green Giant of OSes, or buyers will think twice about pouring more money into the pockets of its rich owners. This alone should make a potential buyer of Windows to look for an alternative. Ubuntu certainly isn't perfect, but it's close.
    Last edited by whitesmith; October 31st, 2013 at 02:42 AM.
    In working with *nix...There be dragons. Newcomers: I recommend reading Linux is Not Windows (http://linux.oneandoneis2.org/LNW.htm) and The Linux Command Line (http://www.linuxcommand.org/tlcl.php) before beginning your quest for a better OS.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •