Viruses that are causing problems & unable to be deleted

Asked by 908423-p

I tried reinstalling Ubuntu many times to remove these viruses. I found them with clamtk 5.10 (using the latest virus definitions) and it detected those viruses. I am unable to delete them or quarantine them, but when I used clamtk's analysis feature, the details it showed were questionable. These files are PUAs. Can I get more details on these viruses? I want to see information from other people to know for sure if these viruses are truly a threat and ways to deal with them if they are a threat. Thank you for any information and/or advice.

All the viruses were located in the same folder.

Location

/usr/lib/shim

Names+Information

MokManager.efi.signed
vendors- TotalDefense, NANO-Antivirus, Microsoft, McAfee-GW-Edition, AntiVir

shim.efi
vendors- Comodo, McAfee-GW-Edition, Microsoft, TheHacker, TotalDefense

shim.efi.signed
vendors- Ad-Aware, GData, AegisLab, CMC, Emsisoft

PS
I tried reinstalling Ubuntu many times and these viruses were never removed.

Side question
If I send files between this computer and another computer (using a flash drive) that has Windows on it, can these viruses spread to my Windows machine? The files I wanted to put on my Windows computer are video files that I downloaded using Video Download Helper.

___________________________________________________

Additional Information & Questions in Response to Answers-

1. Vanamali (vanamalishastry)

Results from Terminal

ryan@VavlaPC-laptop:~$ lsb_release
No LSB modules are available.
ryan@VavlaPC-laptop:~$ uname -a
Linux VavlaPC-laptop 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
ryan@VavlaPC-laptop:~$

I entered what you told me to type in the terminal. Did you give me complete commands? If not, can you type the commands from start to finish? (I am not good at remembering computer commands, so I only use them when I have complete instructions.) This is what showed up when I pasted those two commands in the terminal. What is the command for clamtk that you were talking about?

I don't think those files were there from the start. At first I thought those files came from the Video Download Helper addon, but they showed up before I even installed it (this happened after I reinstalled Ubuntu, but it was not the first time I ever used VDH). ClamTK was unable to find it at first even though I set it to find those types of files. Then out of nowhere, it found these three files. The latest version of VDH messed with my computer before, but the ones that worked with Firefox v31 and below never gave me any trouble. Plus these files were not the original problem. I managed to fix the original problem, but this new problem cropped up when I reinstalled Ubuntu on my computer. The original problem was that the latest version of VDH was putting an infected entry alongside the entries that were from the sites I visited. I solved it by making Firefox stop putting entries on my computer. The entries were alongside the Cache.

I am using Ubuntu 14.04 LTS
For ClamTK (latest version is currently 5.11)
a. Download the latest release from the developer website (Link to that website is in the Software Center)
b. Install ClamTK using Software Center
c. Make sure the checkboxes in the settings are all checked
d. Set the updates to be installed manually using the update assistant.
e. Restart the computer (I tried to get the updates without restarting the computer before, but that made getting the updates take longer. Thinking back on it, the updates never showed up at all unless I restarted my computer.)
f. Get the updates (at first clamtk will look like it is not responding, but all I did was wait and the updates eventually downloaded). After that first update, the download speed of the updates (from the second download on) increased with each download until getting the updates became simple and quick. That's how it is for me at least. I think it depends on the speed of your internet and the speed of your computer.

Icon definitions for update feature in ClamTK 5.10 and earlier releases
Green Check- New updates
Black X- Updates are current
Red sphere with white minus sign- Unknown/Unable to connect to server

ClamTK recently revealed a new version of its software. What I described is how I set up ClamTK 5.10. The new version has some changes in its interface (so far only the update feature was changed). It may be a little bit different than version 5.10. I upgraded to version 5.11, but it was already set up thanks to 5.10. For me to discover how to set up 5.11, I will need to reinstall Ubuntu again. In my opinion, I think it won't be any different when it comes to how you set it up. I looked at the update feature and I think the only thing that was changed was that this feature was simplified for easier use. For example, 5.10 and below has those icons that I described above and it showed both the updates that were already installed and when new updates are ready for download. 5.11 only shows the installed updates and the icons were removed. Little changes in software could make major parts of the software run differently, BUT I think it will still work the same when it comes to setting ClamTK up.

Using ClamTK requires its users to have a lot of patience.
I'll bet the next few releases will have major changes done to them just like the update feature did.

2. Manfred Hampl (m-hampl)

Is it enough if only ClamTK thinks those files are viruses to be eligible to upload these files to the site you mentioned? If not, what are the requirements for uploading those files to that site? I don't think there are any other antivirus programs for Linux that are completely free, able to find viruses, and remove the viruses. I don't want to install programs without knowing more information about them.

Vanamali (vanamalishastry) said :
#1

Please provide the output of the following commands:

lsb_release
uname -a

Also, can you provide the output generated by clamtk which led you to believe that those are viruses?

About shim.efi please refer to the following URL: https://wiki.ubuntu.com/SecurityTeam/SecureBoot

About shim and MokManager.efi.signed (Secure Boot in general) please refer to http://www.rodsbooks.com/efi-bootloaders/secureboot.html

From the above links it must be clear that those files are necessary to boot into Secure Boot enabled machines. Hence you are finding them in each install of the OS.

Vanamali (vanamalishastry) said :
#2

Which release of Ubuntu are you using? How did you run Clamtk?

Manfred Hampl (m-hampl) said :
#3

You could use https://www.virustotal.com to upload the file(s) in question for verification if they are flagged as virus by a set of different virus scanners.

Vanamali (vanamalishastry) said :
#4

Thank you for the information explaining how you installed ClamTK and the various versions of it. Now, can you please run the software, copy the output (if it is not possible to copy the output you can take a screenshot and upload it to any of the image sharing sites like Instagram, Imgur, etc. and post the link here) and paste it as a comment here?

This part is very much essential because: The files you mentioned earlier form a critical part of the OS. If you had browsed through the links which I provided earlier you'd have noticed that booting into a Secure Boot enabled machine requires software which is signed using an encryption key. ("Secure Boot, though, is designed to add a layer of protection to the pre-boot process. With Secure Boot active, the firmware checks for the presence of a cryptographic signature on any EFI program that it executes. If the cryptographic signature is absent, doesn't correspond to a key held in the computer's NVRAM, or is blacklisted in the NVRAM, the firmware refuses to execute the program") Shim is one such piece of software that allows one to boot into a Secure Boot enabled machine legally. If your antivirus software is complaining about this file, it MIGHT be a serious issue. To know if the issue is really as serious as it appears or if it is only a simple "warning" or a false detection, one needs to look at the output of the antivirus scan. Since we do not have access to your computer, you'll have to give us the output generated by ClamTK.

Another piece: Please provide the information in the form of comments. Do NOT edit the summary of the question. Please use the "message box" to provide the information or add any comments.

908423-p (908423-p) said :
#5

Sorry. I just wanted to know more details about the software before I use it. What do I click when I enter the site?
https://wiki.ubuntu.com/SecurityTeam/SecureBoot

908423-p (908423-p) said :
#6

Can you give me step by step instructions on what to do and how to use those sites?

https://wiki.ubuntu.com/SecurityTeam/SecureBoot

http://www.rodsbooks.com/efi-bootloaders/secureboot.html

908423-p (908423-p) said :
#7

I placed the photo of clamtk into a YouTube video. It is currently being processed. I labeled it "problems with Ubuntu Linux". The channel name is VavlaProductions.

908423-p (908423-p) said :
#8

SIDE QUESTION

If I send video files from my Linux computer to my Windows computer using a flash drive, will the flash drive infect my Windows computer?

908423-p (908423-p) said :
#9

Can the "Assisted Secure Boot VM setup" section from
https://wiki.ubuntu.com/SecurityTeam/SecureBoot
help with my problem? If not, which part can help me?

Vanamali (vanamalishastry) said :
#10

I saw your video. The output shows three files classified as PUA - Potentially Unwanted Applications (for more information on these see http://www.clamav.net/doc/pua.html). The files listed by ClamTK are executable files. These files were created using some kind of runtime packer. Since similar runtime packers can be used to package malware, ClamAV is designed to flag such files as PUAs.

Apparently (from https://answers.launchpad.net/ubuntu/+question/246322 and http://askubuntu.com/questions/488649/clamav-finding-threat-in-steam-file) ClamTK shows many such PUAs. Going through the discussions in the ClamTK forum (http://forums.clamwin.com/viewtopic.php?p=15591#15587) you can see that these PUA detections can be safely ignored.

Those links given earlier were only for your reference.

There is no need to panic or modify your system configuration for this. One thing you can possibly do is to turn off PUA detection in the settings (Preferences -> Scanner).
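As an added example, not part of this thread or of ClamTK, the POSIX shell script below triages a clamscan-style report the way the answer above reasons: PUA (packer-heuristic) hits are separated from real signature hits, and each flagged path is looked up with dpkg -S to see whether an installed package owns it. The report text and the PUA signature names are constructed placeholders, not ClamAV's actual detections for shim; the dpkg lookup is an assumption about an Ubuntu system and degrades to "unknown" where dpkg is absent.

```shell
#!/bin/sh
# Triage a clamscan-style report: split PUA hits (runtime-packer
# heuristics, the class ClamAV raised on the shim binaries) from true
# signature hits, and show which Debian package owns each flagged path.

# Constructed sample report for this example. The signature names are
# placeholders, not ClamAV's real detections for these files.
SAMPLE_REPORT='/usr/lib/shim/MokManager.efi.signed: PUA.Win.Packer.Example-1 FOUND
/usr/lib/shim/shim.efi: PUA.Win.Packer.Example-1 FOUND
/usr/lib/shim/shim.efi.signed: PUA.Win.Packer.Example-2 FOUND
/home/ryan/Downloads/clip.mp4: OK
/tmp/sample.bin: Win.Trojan.Example-3 FOUND'

# Print "<class> <path> <signature>" for every FOUND line. Signatures
# named PUA.* are heuristic (class PUA); everything else is MALWARE.
classify_report() {
    printf '%s\n' "$1" | awk -F': ' '
        / FOUND$/ {
            sig = $2; sub(/ FOUND$/, "", sig)
            class = (sig ~ /^PUA\./) ? "PUA" : "MALWARE"
            print class, $1, sig
        }'
}

# Count hits of one class (PUA or MALWARE) in a report.
count_class() {
    classify_report "$1" | awk -v c="$2" '$1 == c' | wc -l | tr -d ' '
}

# Ask dpkg which installed package owns a path. On Ubuntu the shim
# files belong to the shim and shim-signed packages. Prints "unknown"
# when dpkg is missing or no package claims the path (assumption: an
# Ubuntu/Debian host; other systems always get "unknown").
owner_of() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg -S "$1" 2>/dev/null | cut -d: -f1 | head -n1 | grep . || echo unknown
    else
        echo unknown
    fi
}

# A PUA hit on a package-owned file is the false-positive pattern the
# thread describes. A MALWARE-class hit, or a PUA on a file no package
# owns, is the case worth uploading to VirusTotal for a second opinion.
classify_report "$SAMPLE_REPORT" | while read -r class path sig; do
    printf '%-8s %-40s %-28s owner=%s\n' \
        "$class" "$path" "$sig" "$(owner_of "$path")"
done
```

dpkg -S only reports which package claims the path; it does not verify the file's contents, so it answers "is this file supposed to be here", not "is this file unmodified".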

908423-p (908423-p) said :
#11

SIDE QUESTION

I reinstalled Ubuntu many times on my computer in attempts to remove those files. Before each time I installed Ubuntu, I used the partition manager from the installation of an open source operating system called "Haiku OS" to delete the partitions on my hard drive. Unfortunately, those files seemed like they were gone at first, but they cropped up again out of nowhere. All I did to the computer before they showed up was installing the Ubuntu updates. This never happened before until now. Those files made small features in the OS on my computer go crazy when those files were on the hard drive. I think this started when I plugged in an old external hard drive that I have not touched in a few years.

I have an old version of a hard drive cloning software that I got back in 2010. It's called "Acronis True Image Home 2010 PC Backup & Recovery". In the privacy tools, it says, "system cleaning and reliable data destruction of files, partitions, or volumes provide additional security at no added cost"

Can this feature wipe every last bit of data and keep those files from showing up again?

Vanamali (vanamalishastry) said :
#12

1) They do not crop up from nowhere. They are installed as a part of the system because they are very much essential for the system to boot.

2) Which features go crazy? What exactly do they do?

3) How did you get the installation file? CD/DVD or internet (.iso)?

908423-p (908423-p) said :
#13

When I plugged a flash drive into my computer that has Ubuntu on it, put some of my data on the flash drive, and plugged that flash drive into my older netbook that has Windows XP on it, I used the free version of AVG antivirus to scan the computer and it found something. It was a type of malware. To make it more crazy, those three files that were on Ubuntu were not on that flash drive. Plus the files I put on that flash drive were unrelated to the files that ClamTK found. I think those three files may be infecting other data that I wanted to copy to other computers.

908423-p (908423-p) said :
#14

On the computer with Ubuntu on it, the title bar on the Firefox window changed into another language while everything else stayed in English. This happened, then I closed the window, opened it again and it switched back to English without messing with any of its settings.

908423-p (908423-p) said :
#15

Both the Haiku OS and Ubuntu were ISO files from both of their official sites.

908423-p (908423-p) said :
#16

I used Ubuntu and ClamTK for a long time and this is the first time these types of problems are happening. I am currently using Ubuntu 14.04 LTS. I have been using it since it was first released and these problems showed up for the first time recently. Can Ubuntu updates cause this? If not, then what could the problem be? Everything I do on my computer are things that I have been doing for years and never had any problems with anything.

908423-p (908423-p) said :
#17

I have Geek Squad tech support, but they don't support Linux. When I get a chance I'll ask them to scan my computer that has Windows XP. If something comes up, then it must be those files from my Ubuntu computer. The only things that I did other than the thing with the flash drive were installing Windows XP updates and getting some antivirus software running on my computer. If Geek Squad finds other viruses then it would have to be those files on my Ubuntu computer. I can't think of anything else that could cause it.

Manfred Hampl (m-hampl) said :
#18

You have to be aware that there are two potential errors in any antivirus program:
1. A program might fail to detect a virus.
2. A program that does not contain a virus might be falsely flagged as a virus.

https://www.virustotal.com uses several dozens of different virus scanners on a file that you upload. If a file is flagged as virus by just one scanner, then this is most probably just a false positive.

I recommend that you try uploading one of the suspected files and check the results.

Virus scanners usually are operating system independent in the sense that a virus for Windows would also be detected by a virus scanner for Linux and the other way round.

908423-p (908423-p) said :
#19

Sorry Vanamali. You are probably right. I plugged my flash drive into my netbook again and scanned my computer again. I even searched for that same file manually. That same virus was nowhere to be found.

Manfred Hampl, I don't have enough time now, but when I get a chance I'll upload those files to VirusTotal.

Question for Manfred Hampl

Is VirusTotal free?

908423-p (908423-p) said :
#20

I scanned the three files with the VirusTotal website. It showed 0 results. Does that mean that those files are clean for sure?

908423-p (908423-p) said :
#21

Sorry about all the trouble. Unless I am told everything in detail, I misunderstand things. VirusTotal scanned those three files and showed 0 results. I think that means they are clean, but I want to hear that answer from you since you're better with Linux than I am.

Manfred Hampl (m-hampl) said :
#22

Re: "I scanned the three files with the virus total website. It showed 0 results. Does that mean that those files are clean for sure?"

There can never be a 100% certainty, but a result of 0 on virustotal means that none of the 50 scanners in use on that site finds any of the known virus patterns in these files. You can be assured that what you got was a false positive, i.e. a file wrongly flagged as suspicious.

908423-p (908423-p) said :
#23

The only abnormal thing that my computer did since those files showed up was that the volume icon on the top right of the screen did not show until I adjusted the volume levels. Everything else acted normal.

908423-p (908423-p) said :
#24

What I described in my last message is my computer's current condition. When I talked about other things that might have been caused by those files, those were from before the last time I installed Ubuntu.

Can you help with this problem?
