Windows viruses detected by Chrome under Ubuntu! (WTF?) | FerrariChat

Discussion in 'Technology' started by Fast_ian, Apr 22, 2011.

  1. Fast_ian

    Fast_ian Two Time F1 World Champ

    Sep 25, 2006
    23,397
    Campbell, CA
    Full Name:
    Ian Anderson
    #1 Fast_ian, Apr 22, 2011
    Last edited: Apr 22, 2011
    Hey,

    It seems Bill's Evil Empire is conspiring to hose me even when I'm not using his stuff! :D

    Background;
    Grub Bootloader to choose what to boot;
    - ~500GB Ubuntu 10.10, latest patches, running Chrome.
    - ~150GB Windows XP, SP3 partition that I haven't used in > 6 months.
    - The XP partition does have AVG Free installed, but it's obviously at least 6 months out of date.

    So, I was surfing around in Ubuntu Chrome when it popped up a "security alert" - I let it scan and the (partial) results are below! - If I click on "Start protection" it downloads a .exe file which is obviously useless to me!......

    I then searched (both the Ubuntu root partition & the XP partition) for a few of the names shown in the list - A big ol' "not found" :(

    [The scanner did list where it was searching, but the results went by so fast I couldn't catch 'em.]

    So, I'm obviously not about to boot Windoze until I get rid of this crap - The problem is I have no idea how to start?........ For now, I've simply unmounted the Windows partition and am thinking I'll just delete the sucker - But Murphy specifies that I'll immediately need "something" from it! - I can't think what (after all, it is at least 6 months old).

    Any ideas much appreciated,
    Cheers,
    Ian
    PS - It seems I've become unsubscribed and can't add any more attachments! I'll remedy that and post the screen grab RSN.
     
  2. Fast_ian

    Fast_ian Two Time F1 World Champ

    Sep 25, 2006
    23,397
    Campbell, CA
    Full Name:
    Ian Anderson
    #2 Fast_ian, Apr 22, 2011
    Last edited by a moderator: Sep 7, 2017
  3. davidoloan

    davidoloan Formula Junior

    May 6, 2009
    584
    Full Name:
    David
    #3 davidoloan, Apr 22, 2011
    Last edited: Apr 22, 2011
    That looks like an ordinary website pop-up designed to look like it's part of Google Chrome.

    Fake scan, Fake results.

    I don't see how you could have Windows viruses installed when you don't use Windows. Ubuntu will ask you to install anything and is secure.

    Do you know that it is part of Chrome for sure?

    Your .deb Chrome package knows it is a Linux program and wouldn't try to install an .exe. I think that is a trap for the Windows user who clicks and thus self-installs a virus. It won't install on your Linux and won't install on your Windows partition as you are not running Windows.

    Just as well you don't use Windows; clicking on things like that :). Only joking.
     
  4. Fast_ian

    Fast_ian Two Time F1 World Champ

    Sep 25, 2006
    23,397
    Campbell, CA
    Full Name:
    Ian Anderson
    You're probably right.....

    IIRC, the address "appeared" legit, but TBH I probably just freaked! [Not used to this BS ;)]

    +1 indeed. [Why I put the smiley in the OP :)] - They ain't gonna get me!.......

    Nope - But it looked good.....

    Indeed.

    My "concern" was that I'd authorized the download, and it had managed to write into the XP partition.... Next time I boot Windows bad things happen......

    I've got the downloaded .exe "isolated" if anyone wants to poke at it - FWIW, Linux tells me it's a broken zip archive.

    Cheers,
    Ian
    PS - Boot options also changed to not mount the XP partition by default ;)
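
An added example, not part of the original posts: a download like the one described above can be examined on Linux without ever running it, by reading its header bytes. This sketch uses hypothetical function names and constructed sample bytes to tell apart a Windows PE executable, an intact ZIP, and a ZIP that has lost its end-of-central-directory record, which is one common reason an archive tool reports a "broken" archive.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # ZIP end-of-central-directory record signature


def zip_is_complete(data: bytes) -> bool:
    """True if the end-of-central-directory record is present and consistent."""
    pos = data.rfind(EOCD_SIG)
    if pos < 0 or len(data) - pos < 22:  # the fixed part of the record is 22 bytes
        return False
    cd_size, cd_offset = struct.unpack_from("<II", data, pos + 12)
    return cd_offset + cd_size <= pos  # central directory must sit before the record


def identify(data: bytes) -> str:
    """Classify a file by its content, ignoring whatever its name claims."""
    if data[:2] == b"MZ":
        if len(data) >= 0x40:
            (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew field
            if data[pe_off:pe_off + 4] == b"PE\0\0":
                return "pe"
        return "mz-no-pe"
    if data[:4] == b"PK\x03\x04":
        return "zip" if zip_is_complete(data) else "zip-broken"
    if data[:4] == b"\x7fELF":
        return "elf"
    return "unknown"


def triage(name: str, data: bytes) -> tuple:
    """Return (detected type, whether a .exe name disagrees with the content)."""
    kind = identify(data)
    mismatch = name.lower().endswith(".exe") and kind not in ("pe", "mz-no-pe")
    return kind, mismatch


# Constructed sample inputs (not the file from the thread).
PE_SAMPLE = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"
_buf = io.BytesIO()
with zipfile.ZipFile(_buf, "w") as zf:
    zf.writestr("readme.txt", "constructed sample")
GOOD_ZIP = _buf.getvalue()
BROKEN_ZIP = GOOD_ZIP[:-30]  # simulate a cut-off transfer: trailing record is gone

if __name__ == "__main__":
    for name, data in [("setup.exe", PE_SAMPLE), ("scan.exe", BROKEN_ZIP),
                       ("docs.zip", GOOD_ZIP)]:
        print(name, triage(name, data))
```
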
     
  5. Piper

    Piper Two Time F1 World Champ

    Jun 6, 2010
    25,415
    Northern Virginia
    Full Name:
    Bob
    Can you fdisk /mbr without wiping your boot mgr? Can you /mbr and then reload your boot mgr? If so, just clean your boot sector, get your mgr working and boot XP in safe mode to clean. No biggie.
     
  6. Fast_ian

    Fast_ian Two Time F1 World Champ

    Sep 25, 2006
    23,397
    Campbell, CA
    Full Name:
    Ian Anderson
    Whoa!...... I'm really hoping (believe?) it can't have messed with either the boot sectors or boot mgr!..... I guess I'll go & poke at it with Grub-manager (or whatever it's called these days) just to make sure nothing managed to get in, but I don't think so - Although I downloaded whatever-it-is, it never ran, let alone with the privileges it would need to do harm.

    Thanks for the comments,
    Cheers,
    Ian
     
  7. JohnLClark

    JohnLClark Karting

    May 15, 2005
    188
    Pittsburgh
    I really hate those kinds of programs. My mother was on a completely innocent site, a local newspaper site, and one of those popped up and she almost clicked the start button. Luckily I do her maintenance and antivirus programs, so she called me first. I was able to prevent her from starting the program.
     