You are Here:
Linux Lite 6.6 FINAL Released - Support for 22 Languages Added - See Release Announcement Section



Virus Detected on Lite 2.6 Wallpapers

Author (Read 18789 times)

0 Members and 1 Guest are viewing this topic.

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #24 on: September 06, 2015, 01:19:38 PM »
 

vagnerafonso

  • New to Forums
  • *
  • 5
    Posts
  • Reputation: 2
  • Linux Lite Member
    • View Profile

  • CPU: Core2Duo

  • MEMORY: 4Gb

  • VIDEO CARD: ATI Radeon HD
Greetings All,

I can safely say that the lessen learned from all this is that it's probably not a good idea to randomly download images/pictures and use them as wallpapers. Especially if we don't know the sources.  A lot of these images/pictures are downloaded from different sources and are shared everywhere. It would be better to create our own wallpapers or take screen shots of the images/pictures that we like, save them to our computers and use those as wallpapers instead.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #23 on: September 06, 2015, 09:59:39 AM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Reputation: 405
  • Linux Lite "Advocate"
    • View Profile

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
@Jocklad...

A good question... Ask 10 people, you will probably get 11 opinions... :)

If you watch the youtube video posted by vagnerafonso,
It appears that malware can impact Linux, but how often & what scenario created that situation in the demo..??

If you still run windows and share files across distros, you could vulnerable.
If you only run Linux, you could say "Well I'm O.K"...
BUT being a good citizen you don't want to pass anything on to a Windows user/friend from Linux do you..??


So, given it's a "almost" a "set it and forget" with ClamAV,
I'm tending to err on the side of caution and will probably use it.



UPDATED
Ooops, sorry Jerry, I see I posted within 10secs of you...
Yes move to Virus thread if required.
« Last Edit: September 06, 2015, 10:02:56 AM by Wirezfree »
Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #22 on: September 06, 2015, 09:59:28 AM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 8775
    Posts
  • Reputation: 801
  • Linux Lite Member
    • View Profile
    • Linux Lite OS

  • CPU: Intel Core i9-10850K CPU @ 3.60GHz

  • MEMORY: 32Gb

  • VIDEO CARD: nVidia GeForce GTX 1650

  • Kernel: 5.x
Getting off topic here folks. Please keep it to the Wallpaper issue. I believe there is another thread on virus scanners in Linux in the Forums. Thanks :)

Sent from my Nexus 6 using Tapatalk

 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #21 on: September 06, 2015, 09:44:26 AM »
 

Jocklad

  • Banned
  • Gold Level Poster
  • *******
  • 508
    Posts
  • Reputation: 67
  • Linux Lite Member
    • View Profile

  • MEMORY: 8Gb

 Not sure where we are heading here.

 Should we now install anti-virus on all linux Distros....?.

 Jocklad  ::) ::)
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #20 on: September 06, 2015, 09:35:59 AM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Reputation: 405
  • Linux Lite "Advocate"
    • View Profile

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
Hi,

I'm still learning all the options, This may help you "ClamTK Virus Scanner"

I have the scheduled scan and updates shown below,
This can be verified if you install gnome-scheduler which is a gui to manage/add/edit "cron" task.

Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #19 on: September 06, 2015, 08:59:37 AM »
 

Zead

  • Forum Regular
  • ***
  • 115
    Posts
  • Reputation: 20
    • View Profile

  • MEMORY: 8Gb
@Wirezfree

Thanks, I've found it. The problem was that I was clicking on the desktop files... It doesn't work on them sadly. I guess right clicking on any desktop icon doesn't count as Thunar.

Btw, I've heard that ClamTK includes right-click scan by default. Is that true? But that's probably only for Nautilus.


Anyway, I was searching for some info about ClamTK, but I'm confused about update options and scheduler.

There are 2 options for automatic definitions updates.
#1 is in "Advanced > Rerun Antivirus Setup Wizard (Antivirus Signature Options)"
#2 is in "Advanced > Scheduler"

You can enable both...

Do you have some information about this how it works? Why are there two options for automatic updates?

You can leave the scheduler disabled, and the Rerun Antivirus Setup Wizard automatic updates enabled. It will update itself anyway. I've kept it like this.

Maybe the scheduler is here to specify the time of automatic updates... And when it is disabled, it will use the default time for updates...

Anyway, I've set ClamTk updates to Manual, and scheduled automatic updates to 5PM. So I'll see if it updates or not.
« Last Edit: September 06, 2015, 09:05:40 AM by Zead »
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #18 on: September 06, 2015, 08:08:08 AM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Reputation: 405
  • Linux Lite "Advocate"
    • View Profile

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
@Zead,

I will fire up my test pc and check again,
but it was under Right Click on a file/folder, then navigate through Send To, and it was at the Bottom of the options list "ClamTk"


Update, screen shot showing send to > clamtk

« Last Edit: September 06, 2015, 08:37:54 AM by Wirezfree »
Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #17 on: September 06, 2015, 06:31:43 AM »
 

Zead

  • Forum Regular
  • ***
  • 115
    Posts
  • Reputation: 20
    • View Profile

  • MEMORY: 8Gb
Hi,

You may already know this.?
If you visit the clamtk webpage: https://code.google.com/p/clamtk/
Scroll down to downloads
There is a Thunar add-on for Ubuntu "thunar-sendto-clamtk"



[/size]It gives you a Right Click > Sendto > ClamTK option

Hi. I've done this weeks ago. But nothing is appearing in my right click menu. Am I missing something?

I guess I need ClamTK 5, I have a ClamTK 4.45 (from the official ubuntu repositories).
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #16 on: September 05, 2015, 10:40:57 AM »
 

vagnerafonso

  • New to Forums
  • *
  • 5
    Posts
  • Reputation: 2
  • Linux Lite Member
    • View Profile

  • CPU: Core2Duo

  • MEMORY: 4Gb

  • VIDEO CARD: ATI Radeon HD
Greetings All,

Sophos has a free anti-virus program for Linux.  I believe we should all have a good virus scanner for our systems. Especially if we intend on installing applications and downloading files, documents and pictures from outside of trusted repositories and websites.  This is also important if we plan on sharing those files with Microsoft Windows users. We wouldn't want to unintentionally infect these users machines. Especially if they are our family, friends, etc. Matthew Moore uploaded a YouTube video demonstrating the use of Sohpos and verified that his Arch system had been infected with viruses. I've included links to Matthew Moore's YouTube video and Sophos for Linux.  I hope this information is helpful.

Sophos For Linux
https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx

Matthew Moore Sophos Demo
https://www.youtube.com/watch?v=y_lhqg_p21k&feature=youtu.be&t=2m42s
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #15 on: September 05, 2015, 10:19:45 AM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Reputation: 405
  • Linux Lite "Advocate"
    • View Profile

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
Hi,

You may already know this.?
If you visit the clamtk webpage: https://code.google.com/p/clamtk/
Scroll down to downloads
There is a Thunar add-on for Ubuntu "thunar-sendto-clamtk"



[/size]It gives you a Right Click > Sendto > ClamTK option
Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #14 on: September 05, 2015, 04:20:30 AM »
 

Zead

  • Forum Regular
  • ***
  • 115
    Posts
  • Reputation: 20
    • View Profile

  • MEMORY: 8Gb
I guess I'm going to test all of my pictures on VirusTotal now. ClamAV hasn't detect it. According to Microsoft website. MSE should detect it. But according to VirusTotal, Microsoft came up with clean file.

Malicious or not, there's a web injection for sure.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #13 on: September 05, 2015, 12:06:43 AM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 8775
    Posts
  • Reputation: 801
  • Linux Lite Member
    • View Profile
    • Linux Lite OS

  • CPU: Intel Core i9-10850K CPU @ 3.60GHz

  • MEMORY: 32Gb

  • VIDEO CARD: nVidia GeForce GTX 1650

  • Kernel: 5.x
I've decided to err on the side of caution. Removing this wallpaper is the best solution despite the mixed results.
I've added a postinst script to lite-software that will remove Entrance.jpg.

Releases affected: 2.0, 2.2, 2.4, 2.6

Code of postinst:

Code: [Select]
#! /bin/sh
# A collection of postinst actions for Linux Lite

# postinst script for wallpaper removal
# Date: 04/09/15
# Time: 23:51 (EST)
# As reported here - https://www.linuxliteos.com/forums/other/virus-detected-on-lite-2-6-wallpapers/

set -e

cd /usr/share/backgrounds/xfce/

sudo rm -rf Entrance.jpg

This code will stay in LL until the end of Series 2.
Entrance.jpg will not appear in any more versions of LL and has been removed from the dev builds.

In future, all Wallpapers will be scanned before going into Linux Lite.

Social Media announcements have been placed informing the wider public.

Run Menu, Favorites, Install Updates and the wallpaper will be deleted.
« Last Edit: September 05, 2015, 12:36:48 AM by Jerry »
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #12 on: September 04, 2015, 11:32:18 PM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 8775
    Posts
  • Reputation: 801
  • Linux Lite Member
    • View Profile
    • Linux Lite OS

  • CPU: Intel Core i9-10850K CPU @ 3.60GHz

  • MEMORY: 32Gb

  • VIDEO CARD: nVidia GeForce GTX 1650

  • Kernel: 5.x
Firstly, thank you for reporting this vagnerafonso and thank you to everyone else in this thread for providing additional information and taking the time to look into this. I take reports like this very seriously. I'm going to analyse this at my end and let you know soon what will happen.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #11 on: September 04, 2015, 09:58:53 PM »
 

anon222

  • Muted
  • Gold Level Poster
  • *
  • 688
    Posts
  • Reputation: 192
  • Linux Lite Member
    • View Profile

  • CPU: Dual core Pentium E5700 3GHz

  • MEMORY: 3Gb

  • VIDEO CARD: GeForce GT 430
If you click on the link I provided for more info, and then click on the "File detail" tab it states:  The file being studied is an image file! More specifically, it is a JPEG. The image has been injected with malicious web content.

In the box right below that statement is what appears to be the code that was injected into the file.
Oh I see. It's in Entrance.jpg, that image is from LL 2.0 not sure about the previous ones.
Looking at the code. as far as I can see there is a code that opens a webpage. I don't see how would xfce or ristereto image viewer be affected.
Tested on Firefox and it it looks it is not affected. Could possibly target some vulnerability in windows applications.
It appears that the image originates from some website. Anyway the threat seems minimal as many major antiviruses neglect this.
I'll wait to see what Jerry has to say about this.
In the future I suggest that the images that are going to be added to distro be uploaded in Gimp's XCF image file format.
That way the images will be open source and easy to modify.
 

Re: Virus Detected on Lite 2.6 Wallpapers
« Reply #10 on: September 04, 2015, 09:04:15 PM »
 

rokytnji

  • Friganeer
  • Platinum Level Poster
  • **********
  • 1255
    Posts
  • Reputation: 139
    • View Profile

  • CPU: Intel Core2 Duo U9600

  • MEMORY: 4Gb

  • VIDEO CARD: Intel Mobile 4
Code: [Select]
harry@harry-Latitude-XT2:~$ sudo -s
[sudo] password for harry:
root@harry-Latitude-XT2:~# cd /usr/share/backgrounds/xfce
root@harry-Latitude-XT2:/usr/share/backgrounds/xfce# ls
Car.jpg        Linux-Lite-Bridge.png          Lite-Coral.png      Stadium.jpg
Cubes.jpg      Linux-Lite-Coast.png           Lite-Gold.png       Thames.jpg
Entrance.jpg   Linux-Lite.jpg                 Lite-Grey.png       Winter.jpg
Gaming.jpeg    Linux-Lite-Mountains-Gold.png  Lite-Lite-2.2.jpg   xfce-blue.jpg
Kids.jpg       Linux-Lite-Sand-Feather.jpg    Lite-Parchment.png
Landscape.jpg  Linux-Lite-Simple-Gray.png     River-Dock.jpg
Liberty.jpg    Linux-Lite-Waves.png           Sea-House.jpg
root@harry-Latitude-XT2:/usr/share/backgrounds/xfce# rm -f Entrance.jpg
root@harry-Latitude-XT2:/usr/share/backgrounds/xfce# ls
Car.jpg                Linux-Lite.jpg                 Lite-Lite-2.2.jpg
Cubes.jpg              Linux-Lite-Mountains-Gold.png  Lite-Parchment.png
Gaming.jpeg            Linux-Lite-Sand-Feather.jpg    River-Dock.jpg
Kids.jpg               Linux-Lite-Simple-Gray.png     Sea-House.jpg
Landscape.jpg          Linux-Lite-Waves.png           Stadium.jpg
Liberty.jpg            Lite-Coral.png                 Thames.jpg
Linux-Lite-Bridge.png  Lite-Gold.png                  Winter.jpg
Linux-Lite-Coast.png   Lite-Grey.png                  xfce-blue.jpg
root@harry-Latitude-XT2:/usr/share/backgrounds/xfce# exit
exit
harry@harry-Latitude-XT2:~$
LL 3.6,2.8
Dell XT2 > Touchscreen Laptop
Dell 755 > Desktop
Acer 150 > Desktop
I am who I am. Your approval is not needed.
 

 

-->
X Close Ad

Linux Lite 6.6 FINAL Released - Support for 22 Languages Added - See Release Announcement Section