
USB Virus/Worm in both Windows 7 and Linux?

Hi,

Because of a USB virus/worm that infected my computer, I recently DBAN-ed and formatted my hard drive, then used my Gateway recovery DVDs to reinstall the Windows 7 OS.  My OS was still acting "funny" and I did a slew of virus scans, but only one so far (Norman Malware Cleaner) detected a couple of malicious files and deleted them.

The kicker is that this virus(es) also ran when I booted to Ubuntu Linux and messed stuff up. I tried to run a number of scanners and cleaners, but most of them refused to run and the scans that ran reported no problems. The only one that started going and reported malicious files was Sophos savscan.  Savscan identified some suspicious files until the savscan failed and wouldn't restart.  (So, whoever is perpetuating the myth that Linux doesn't get viruses needs to open their eyes.)


Here is what Savscan identified as suspicious in Linux before it stalled:

/lib/modules/2.6.38-11-generic/build/source
/lib/modules/2.6.38-8-generic/build/source
/lib/firmware/vxge/X3fw-pxe.ncfl  Password Protected
T1:X3_101115_1_8_1_expROM_FW_uni_template_rmt_cmd_line.txt
T1:X3_101115_1_8_1_expROM_FW_uni_template_flash0.bin
T1:X3_101115_1_8_1_expROM_FW_uni_template_eeprom0.bin
/proc/sysrg-trigger

Did this malware corrupt the BIOS?

Thanks much!
-Tina

P.S.  What do I do now?



This thread was automatically locked due to age.
  • The browser on the infected computer wouldn't let me download from the Sophos website.  I performed a recovery and turned the machine off because I have some other things to do that are more important.

    Last night, the people behind this malware found a new way to break through my firewall.  On the log, I noticed that the IP address for my Nettalk Duo (connected to my router) was requesting inbound connection numerous times.  The firewall did block it from entering the computer, but this was frightening to me.  Justifiably so, because later I was on that VOIP phone with a friend and I heard a female computer voice say, "This call is being recorded."  Neither my friend nor I was responsible.  That was nice of the bad guys to let me know that they were infecting every kind of device on my network.

    How ironic that some many years ago I attended a control systems seminar where the speaker said that he and his group were trying to convince the phone companies that their phone systems could be taken down by viruses.  They explained that it would be the most devastating of all terrorist attacks because if phone service is down everywhere, and there are bombings happening, our emergency services would be stuck with walkie-talkies, and no one can call for help.  I wonder if his group made progress.

    I will make more attempts to download the Sophos software as soon as I get free time.  But if you want to take all my networked devices to a research lab, that would be super.  hint hint
