[ltp] Spyware - my Intrepid under attack?
Andrea Levin
linux-thinkpad@linux-thinkpad.org
Sat, 12 Sep 2009 15:36:23 -0400
--00c09f9db11b3d127c0473668c35
Content-Type: text/plain; charset=ISO-8859-1
Whew, and thanks so much for the reassuring and informative replies - and
indeed, The Thing looked exactly likeTthe Thing on the link at
http://likuidkewl.blogspot.com/2009/05/oh-no-windows-viruses-on-my-linux-box.html.
Now that I've caught my breath, I can see it was one of those rogue security
software things. And still wondering exactly how it came in.
Thanks for being there!
Andrea
On Sat, Sep 12, 2009 at 3:22 PM, Dan Maranville <likuidkewl@gmail.com>wrote:
> Hello --
>
> >On Sat, Sep 12, 2009 at 14:49, Andrea Levin <andrea.b.levin@gmail.com>
> wrote:
> >
> > I am pretty new to Ubuntu (Intrepid), finding my way around, practicing
> clumsily with the command line,reading Keir Thomas...and I may have been
> >complacent about the risk of spyware. I hadn't even installed Mozilla
> NoScript (till a minute ago!). I've updated faithfully when prompted.
> >
> > On Firefox a half hour ago, I noticed things a bit...slow. Then a bit
> 'freezy'. First attributed this to the measly RAM quotient on this 2003
> Dell 5100 >(which I believe is 256 megs. Still not sure where to find system
> info - that's how new I am!)
>
> From the Cli you can simply type 'free' this will tell you all about
> your ram, and yes 256 will get chunky especially at the NYT as it has
> some flash heavy areas, also if you opened a spreadsheet it is also
> OOo sucking up a ton of that ram.
>
> >
> > A Firefox update process required restart of FF, and so I thought it
> might have been the resource demands of this process. All of a sudden - a
> >classic sense of 'takeover': suddenly, my monitor looks like a Windows
> machine, showing me my 'My Computer', 'C drive', 'My Documents', etc, all
> >tagged with red warnings, a pop-up tells me I am under attack, do
> run-don't-walk to this antivirus site, etc. In my panic (I don't yet know
> the >equivalent of CTRL-ALT-DEL) I pulled the plug and the battery to abort.
>
> This is a prevalent way of making windows users install the exe that
> comes bundled with it, did it happen to look like screen located here:
>
> http://likuidkewl.blogspot.com/2009/05/oh-no-windows-viruses-on-my-linux-box.html
>
> >
> > I had ... downloaded a spreadsheet from the New York Times site on
> costing out home-buying. Uh-oh! (Actually, I'd assumed I was about to
> >simply open a new tab, not download a document.) Deleted this at the
> terminal.
> >
> > So: how to scan for spyware, viruses? Or: is this necessary? How would I
> know I'm infected? Etc.!
>
> Don't worry about being infected with anything, it is almost always
> just a scare tactic for most people.
> Rootkits, sure if you have a server forward facing but home users in
> the world today? No.
>
> >
> > Usually I check forums before posting threads - but I'm pretty rattled!
> > I use ESET Nod32 on my Windoze machines.
> >
> > Thanks in advance!
> --
> The linux-thinkpad mailing list home page is at:
> http://mailman.linux-thinkpad.org/mailman/listinfo/linux-thinkpad
>
--
This email and any files transmitted with it may be confidential and legally
privileged. They are intended solely for the use of the individual or entity
to whom they are addressed. If you have received this email in error, please
notify the sender by return email immediately, and then delete and destroy
this message and its
attachments.
--00c09f9db11b3d127c0473668c35
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Whew, and thanks so much for the reassuring and informative replies - and i=
ndeed, The Thing looked exactly likeTthe Thing on the link at <a href=3D"ht=
tp://likuidkewl.blogspot.com/2009/05/oh-no-windows-viruses-on-my-linux-box.=
html" target=3D"_blank">http://likuidkewl.blogspot.com/2009/05/oh-no-window=
s-viruses-on-my-linux-box.html</a>.=A0 Now that I've caught my breath, =
I can see it was one of those rogue security software things.=A0 And still =
wondering exactly how it came in.=A0 <br>
<br>Thanks for being there!<br><br>Andrea<br><br><div class=3D"gmail_quote"=
>On Sat, Sep 12, 2009 at 3:22 PM, Dan Maranville <span dir=3D"ltr"><<a h=
ref=3D"mailto:likuidkewl@gmail.com">likuidkewl@gmail.com</a>></span> wro=
te:<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hello --<br>
<div class=3D"im"><br>
>On Sat, Sep 12, 2009 at 14:49, Andrea Levin <<a href=3D"mailto:andre=
a.b.levin@gmail.com">andrea.b.levin@gmail.com</a>> wrote:<br>
><br>
> I am pretty new to Ubuntu (Intrepid), finding my way around, practicin=
g clumsily with the command line,reading Keir Thomas...and I may have been =
>complacent about the risk of spyware. I hadn't even installed Mozil=
la NoScript (till a minute ago!). I've updated faithfully when prompted=
.<br>
><br>
> On Firefox a half hour ago, I noticed things a bit...slow. Then a bit =
'freezy'.=A0 First attributed this to the measly RAM quotient on th=
is 2003 Dell 5100 >(which I believe is 256 megs. Still not sure where to=
find system info - that's how new I am!)<br>
<br>
</div>From the Cli you can simply type 'free'=A0 this will tell you=
all about<br>
your ram, and yes 256 will get chunky especially at the NYT as it has<br>
some flash heavy areas, also if you opened=A0 a spreadsheet it is also<br>
OOo sucking up a ton of that ram.<br>
<div class=3D"im"><br>
><br>
> A Firefox update process=A0 required restart of FF, and so I thought i=
t might have been the resource demands of this process. All of a sudden - a=
>classic sense of 'takeover': suddenly, my monitor looks like a=
Windows machine, showing me my 'My Computer', 'C drive', &=
#39;My Documents', etc, all >tagged with red warnings, a pop-up tell=
s me I am under attack, do run-don't-walk to this antivirus site, etc. =
In my panic (I don't yet know the >equivalent of CTRL-ALT-DEL) I pul=
led the plug and the battery to abort.<br>
<br>
</div>This is a prevalent way of making windows users install the exe that<=
br>
comes bundled with it, did it happen to look like screen located here:<br>
<a href=3D"http://likuidkewl.blogspot.com/2009/05/oh-no-windows-viruses-on-=
my-linux-box.html" target=3D"_blank">http://likuidkewl.blogspot.com/2009/05=
/oh-no-windows-viruses-on-my-linux-box.html</a><br>
<div class=3D"im"><br>
><br>
> I had ... downloaded a spreadsheet from the New York Times site on cos=
ting out home-buying.=A0 Uh-oh! (Actually, I'd assumed I was about to &=
gt;simply open a new tab, not download a document.)=A0 Deleted this at the =
terminal.<br>
><br>
> So: how to scan for spyware, viruses? Or: is this necessary? How would=
I know I'm infected?=A0 Etc.!<br>
<br>
</div>Don't worry about being infected with anything, it is almost alwa=
ys<br>
just a scare tactic for most people.<br>
Rootkits, sure if you have a server forward facing but home users in<br>
the world today? No.<br>
<div class=3D"im"><br>
><br>
> Usually I check forums before posting threads - but I'm pretty rat=
tled!<br>
> I use ESET Nod32 on my Windoze machines.<br>
><br>
> Thanks in advance!<br>
--<br>
</div>The linux-thinkpad mailing list home page is at:<br>
<a href=3D"http://mailman.linux-thinkpad.org/mailman/listinfo/linux-thinkpa=
d" target=3D"_blank">http://mailman.linux-thinkpad.org/mailman/listinfo/lin=
ux-thinkpad</a><br>
</blockquote></div><br><br clear=3D"all"><br>-- <br>This email and any file=
s transmitted with it may be confidential and legally privileged. They are =
intended solely for the use of the individual or entity to whom they are ad=
dressed. If you have received this email in error, please notify the sender=
by return email immediately, and then delete and destroy this message and =
its<br>
attachments.<br>
--00c09f9db11b3d127c0473668c35--