Virus intrusion

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
Post Reply
teguh_broadway
Level 1
Level 1
Posts: 2
Joined: Wed Feb 21, 2018 2:38 am

Virus intrusion

Post by teguh_broadway » Wed Feb 21, 2018 2:46 am

I use Linux Mint Cinnamon 18.3 64-bit. I installed Firefox 57 via Linux Mint repository. Yesterday I scanned my HDD by BitDefender for linux and found virus infection on my Firefox files. It could be a virus intrusion on Mozilla or Mint server. How to report this?

User avatar
AZgl1500
Level 6
Level 6
Posts: 1376
Joined: Thu Dec 31, 2015 3:20 am
Location: /Home/Desktop
Contact:

Re: Virus intrusion

Post by AZgl1500 » Wed Feb 21, 2018 4:04 am

I'm running Firefox also, and I doubt seriously there is a bug in it....

might be, but I'm not too concerned.

I looked at that program, and they want money for it

User avatar
Lucap
Level 5
Level 5
Posts: 907
Joined: Tue May 24, 2016 1:40 am

Re: Virus intrusion

Post by Lucap » Wed Feb 21, 2018 4:04 am

You'll need to post what it found so others can work out if it's real or just a false positive.

User avatar
Moem
Level 15
Level 15
Posts: 5861
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Virus intrusion

Post by Moem » Wed Feb 21, 2018 4:06 am

I wouldn't report anything until you're very sure you are not getting false positives. It happens a lot. It certainly happens more often than real infections happen; if you had one, you'd be the first I've ever heard about. Why don't you post the results, then people in the know can take a look at them.

BTW, as far as I know, Firefox in the repos is at version 58.0.2 not 57.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

User avatar
AZgl1500
Level 6
Level 6
Posts: 1376
Joined: Thu Dec 31, 2015 3:20 am
Location: /Home/Desktop
Contact:

Re: Virus intrusion

Post by AZgl1500 » Wed Feb 21, 2018 4:46 am

Firefox Version.png

this is the latest

teguh_broadway
Level 1
Level 1
Posts: 2
Joined: Wed Feb 21, 2018 2:38 am

Re: Virus intrusion

Post by teguh_broadway » Wed Feb 21, 2018 6:09 am

Many thanks for the responses. This is my first finding a "malware suspected" on linux as I used it for 3 years, so I got a little surprised. I dont have such capabilities to investigate apps, but I will recheck by clamav and write the results or log in several days.

User avatar
Lucap
Level 5
Level 5
Posts: 907
Joined: Tue May 24, 2016 1:40 am

Re: Virus intrusion

Post by Lucap » Wed Feb 21, 2018 6:21 am

Image

Show Bitdefender log at the bottom highlighted in red.

User avatar
Moem
Level 15
Level 15
Posts: 5861
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Virus intrusion

Post by Moem » Wed Feb 21, 2018 6:26 am

teguh_broadway wrote:
Wed Feb 21, 2018 6:09 am
I dont have such capabilities to investigate apps
If you don't know how the application works, what is the benefit you hope to get from using it? I'm not being mean, I'm genuinely interested.
Instead of starting up yet another unneccesary antivirus, post the results from Bitdefender please.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

Cosmo.
Level 23
Level 23
Posts: 17830
Joined: Sat Dec 06, 2014 7:34 am

Re: Virus intrusion

Post by Cosmo. » Wed Feb 21, 2018 7:05 am

teguh_broadway wrote:
Wed Feb 21, 2018 2:46 am
I installed Firefox 57 via Linux Mint repository.
Strange. FF is installed by default. So what did you actually do?

User avatar
Flemur
Level 15
Level 15
Posts: 5649
Joined: Mon Aug 20, 2012 9:41 pm
Location: Potemkin Village

Re: Virus intrusion

Post by Flemur » Wed Feb 21, 2018 12:32 pm

teguh_broadway wrote:
Wed Feb 21, 2018 2:46 am
How to report this?
By quoting the exact message(s) and file names.
Please edit your original post title to include [SOLVED] if/when it is solved!
Your data and OS are backed up....right?
Mint 18.3 Xfce/fluxbox/pulse-less
Xubuntu 17.10/fluxbox/pulse-less

User avatar
phd21
Level 16
Level 16
Posts: 6201
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Virus intrusion

Post by phd21 » Wed Feb 21, 2018 6:02 pm

Hi teguh_broadway, & Everyone Else,

I just read your post and the good replies to it. Here are my thoughts on this as well.

I too would like to see the report from your BitDefender's scan, and or printscreens of it.

I also installed and ran BitDefender 7.7 on my system, see results below. It did not find anything in the Firefox 58, or anywhere else, except believe it or not, it did find one in the QT development sample files, a mp4 video file which I had it delete it.

Most Linux users already know that it is not recommended to install an anti-virus or anti-malware package into your Linux Mint system, see link below, because you do not need it. Most viruses and malware cannot hurt a Linux system and they have been specifically designed for MS Windows and or Mac systems with a couple very rare exceptions. Using a sandboxing application like "Firejail" with all applications accessing the Internet will also help protect your system.

Security in Linux Mint: an explanation and some tips - Easy Linux tips project (Great Linux Website)
https://sites.google.com/site/easylinux ... t/security

There are many posts on this anti-virus topic in this forum already.

But I would like to express my viewpoints on this. There are various anti-virus and anti-malware software packages, some that a user can install are "real time" and always running and others are "run on demand" scanners. The "real time and always running" software packages can pose a threat because they are actively targeted by virus and malware creators and they usually have super user (root) privileges which bypasses the superb Linux built-in security. Most anti-virus and anti-malware scanners are not installed as a service that runs all the time, and do not scan the system's root area unless the user gives it permission to do so, so they do not pose a threat to install and use them like the others would.

Do you really need an antivirus (includes anti-malware) software installed in your Linux Mint system? The answer is usually no, unless you are actively exchanging files which includes music, images and photos, videos and movies, documents, etc... from or with MS Windows or Mac users, and or you download Torrents or other files from the Internet.

And even if you do receive or transfer files with MS Windows and or Mac users there are other options for scanning your files and folders, there are online anti-virus scanners like the excellent "VirusTotal", etc..., and there are excellent bootable versions of reputable anti-virus developer's rescue disks for CD/DVD discs and or USB sticks, like Kaspersky, Avira, Dr.Web, etc... Not sure if BitDefender has a bootable rescue disk for Linux with a nice desktop interface, which can be used to scan files or your whole system?

For those who do install an anti-virus package, I would also caution against automatically deleting or quarantining file(s), check any results yourself, or you could end up removing necessary system files and or software files rendering your system unbootable or certain software unusable. I say this from personal experience. As was already mentioned, another thing to consider is that these antivirus software can and do report false positives which means that some of the file(s) are not really infected with viruses or malware. If you are unsure what the results mean, ask here, or search the Internet.

"BitDefender" is a reputable and reliable anti-virus vendor. What I like about this is that it does not install a "real time" always running service, I can run it on demand or in the background when I want to, and it is an anti-virus anti-malware scanner that works well and fast. I have almost 2 million files and folders in my "Home" folder (much more than the average user) which only took around two hours to run on my ancient under-powered computer.

FYI: I usually run a bootable anti-virus disc (Kaspersky, Avira, etc..) or USB stick to scan my system and any attached drives like USB drives or USB sticks overnight, if I think or feel the need to; I usually run it once a month or more anyway. I do have ClamAV with LMD (Linux Malware Detect) installed for scanning my "/Downloads" folder while still in Linux Mint; turn off PUA in ClamAV and enable scanning larger files. Now I can use BitDefender as well while still in Linux Mint.

"BitDefender" kindly does offer a free Linux scanner version for personal use for now which you have to request a free license for and they'll email your activation key code and a link to download their software. They do want you to buy their business product, and claim this version is at "end of life". I just did this and I downloaded their free file "BitDefender-Antivirus-Scanner-7.7-1-linux-amd64.deb.run" for 64-bit computers, and I think "BitDefender-Antivirus-Scanner-7.7-1-linux-i586.deb.run" is for 32-bit computers.

Antivirus for Linux - Bitdefender Antivirus Scanner for Unices
- click link below and the click the red text link on the right to request a free license and get your email with registration.
https://www.bitdefender.com/business/an ... nices.html

BitDefender Download link
http://download.bitdefender.com/SMB/Wor ... _RO/Linux/

To install BitDefender on a 64-bit Linux computer, use the console terminal command below from the folder where you downloaded their file: (You have to hit enter a lot through their initial readme disclaimer screen, then at the bottom of that type in "accept" to continue.) Be sure to update their virus definitions before running a scan.

Code: Select all

sudo sh BitDefender-Antivirus-Scanner-7.7-1-linux-amd64.deb.run
I think this is for 32-bit computers

Code: Select all

sudo sh BitDefender-Antivirus-Scanner-7.7-1-linux-i586.deb.run
Hope this helps ...

In the first Image below, the first file shown in the results is an ant-virus test file that I purposely downloaded to test anti-virus software, the second file is a real file, a video file, that apparently did have a virus or malware issue.

The status box towards the bottom of the results screen just shows files that could not be accessed because they were in use and are not a threat.
BitDefender1.jpg
"BitDefender" anti-virus scanner

This screenshot image shows the files that the scan found to be bad and infected with a virus or malware.
BitDefender2.jpg
"BitDefender" anti-virus scanner
Phd21: Mint KDE 17.3 & 18.3, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Post Reply

Return to “Other topics”