Fedora Linux Support Community & Resources Center
  #1  
Old 24th June 2009, 12:48 AM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
Upgraded to FC11 from FC10. System Freezes/Hangs; and I'm now spamming via a virus.

Greetings:

I upgraded from FC10 to FC11 yesterday. I had no problems using FC11 after I looked into the bootloader (not intuitive - Ha!).

Tried to boot up this morning; and things seemed to work well until I tried to call up Firefox (added a few themes yesterday).

The window pops open; but the computer freezes on the spot with an alarm (generic "beep", w/o the finishing "p"). Tried it with Epiphany; and I get the same results with the exception of actually getting to the Home Page.

Yum works for the most part - I reinstalled Firefox (no effect); but couldn't reinstall epiphany (keeps saying "there is no such package - did you mean 'epiphany'". No typos on my part - go figure). Doing Software/Package Updates (via System Menu) freezes the box as well.

Did it with the system monitor on. It doesn't appear to be related to CPU Usage.

Had a FC10 liveUSB and used it for awhile (e.g. to check out the forums). After giving my ISP some grief about downloading speed, immediately received a note from their Abuse Department, saying that my machine had been infected with a virus and had been sending spam emails (post upgrade to FC11). The USB froze while I tried to do a pretty large update; and I couldn't boot from the puppy again.

During the boot on the box, I do get several messages before logon (the blue bar doesn't move on my install). They are:
virbr0: Starting userspace STP failed: starting Kernel STP
and
eth0: MediaLink -100mb, full duplex

I'm on a LiveCD (Another OS) now. Using this box for work. Need some help on troubleshooting the 1) Internet Access/freeze and 2) "Virus" (according to ISP)problem.

Thank you.

Last edited by robertgray86; 24th June 2009 at 03:03 AM. Reason: better title
Reply With Quote
  #2  
Old 24th June 2009, 07:25 AM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
Update02:

I'm now having problems with Yum....getting "kernel0ops" error in the midsts of attempted updates.

Also, as I boot, I'm getting "lo: Privacy Settings Disabled" along with the eth0/vibr0 notifications on occasion.


Sidebar: I changed the title of this thread; but it doesn't register in the forum listings. Is this a glitch?


Thanks

Last edited by robertgray86; 24th June 2009 at 06:02 PM. Reason: Update - more data.
Reply With Quote
  #3  
Old 25th June 2009, 03:16 AM
sidebrnz Offline
Registered User
 
Join Date: Oct 2007
Location: Freedonia
Age: 64
Posts: 2,459
Not sure what's going on, but I do know you don't have a virus; that's a Windows specific issue, and you're not running Windows.
__________________
Registered Linux user #470359 and permanently recovered BOFH.

Any advice in this post is worth exactly what you paid for it.
Reply With Quote
  #4  
Old 25th June 2009, 07:29 AM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
I concur. Yet, the ISP Abuse Desk had been notified of the time my box allegedly spammed away. I was on FC11. Their analysis claimed that it was caused by a Virus...

Figured someone broke through the Firewall and took advantage of the new FC11 install defaults somehow. I've never been notified by my ISP of such activities done by my boxes; but I've been hacked and DDoS'd(called the ISP - no reason behind the slow traffic) a few times...

Thanks
Reply With Quote
  #5  
Old 25th June 2009, 03:37 PM
sidebrnz Offline
Registered User
 
Join Date: Oct 2007
Location: Freedonia
Age: 64
Posts: 2,459
Just out of curiosity, have you told them you use Linux, and if so, what did they say?
__________________
Registered Linux user #470359 and permanently recovered BOFH.

Any advice in this post is worth exactly what you paid for it.
Reply With Quote
  #6  
Old 25th June 2009, 08:49 PM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
Yes. The usual disclaimer that they only can "troubleshoot" Windows - blah, blah, blah...then I proceed with my issue at hand.
Reply With Quote
  #7  
Old 25th June 2009, 09:13 PM
beaker_ Offline
Registered User
 
Join Date: Nov 2008
Location: Canada
Posts: 2,282
Yeah it's hard to communicate with a monkey only interested in a peeing contest. But if they're not penelizing you then why bother. However I wouldn't dismiss it outright; think about other machines on your network, your router and or access point if you've got one. I guess your logs & OS choice will be your defence but the truth is you need info starting with what virus are you sappose to have, origions of the report, and how do they know it's not someone pretending to be you. Bet you wont get all the answers.
Reply With Quote
  #8  
Old 27th June 2009, 09:31 PM
CiaW Offline
Registered User
 
Join Date: May 2009
Location: eastern Washington (state) USA
Posts: 489
While it may not be a virus, there's a possibility it's some sort of 'exploit' -- such as this one:
http://blog.unmaskparasites.com/2009...jected-script/

If you visit an infected website, it somehow uses a key-logger to get your passwords and starts infecting others, or something like that. Though I don't know much about Fedora / Linux and keyloggers or anti-keyloggers, and the like. I did a search a couple of weeks ago and didn't find much.

There are also some websites, like Facebook, where some people have come up with some pretty clever exploits apparently. I recently changed my settings on there so that I am the only one able to see my email address. I suspect that some of the fun surveys and quizzes they have on there are actually fronts for gathering email addresses. When you invite a friend to answer a quiz, you give it access to all of your friends profiles. Since I changed my settings there, my spam mail has gone down by about half.

That may or may not be relevant to your situation.
Reply With Quote
  #9  
Old 27th June 2009, 10:40 PM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
Keyloggers and other exploits

Could be, CiaW, thanks:

I've been on Facebook, so there may be some exploits made through the browsers. Had a Friend using Windoze who had the occasional spam email sent to all his "BFFs"


After I cleaned out the yum cache (don't have the person's name and post on me - sorry), yum worked, though it told me that it was occasionally being blocked by an unnamed app (yum was the only thing I had going).

My system still freezes (with a continuous beep) when I open a browser...
During boot, I can now see a segfault msg:
init[1] segfault @8 ip ####### sp ###### error 4 libdevmapper.so
with a second status "graphic" bar that actually works.

Anyone with a clue as to what systems to reinstall?

Regards. Thanks

Last edited by robertgray86; 27th June 2009 at 10:51 PM.
Reply With Quote
  #10  
Old 28th June 2009, 03:39 AM
steelaworkn Offline
Registered User
 
Join Date: Dec 2008
Location: Pacific Northwest
Age: 47
Posts: 1,133
You could install Avast for Linux and then run the scan. That would certainly get whatever is bugging you.
__________________
My setup:

Intel DP35DP MB; Nvidia 440 2 gig Video Card; 8 gigs of ram; Intel Core Duo 2.20 gig; Hp Officejet Pro L7580; LVM F20 64bit using 3 320g HDs and dual monitors.
Reply With Quote
  #11  
Old 28th June 2009, 05:19 AM
marko Offline
Registered User
 
Join Date: Jun 2004
Location: Laurel, MD USA
Posts: 5,898
Why spend so much time on it, just back up your data, get dban:

Darik Boot and Nuke http://sourceforge.net/projects/dban/

and wipe the disk and install Fedora 11 Official from scratch.

(installing F11 fresh would likely wipe out bad stuff on the disk but running the
dban would pretty much make sure)
Reply With Quote
  #12  
Old 28th June 2009, 06:59 PM
marko Offline
Registered User
 
Join Date: Jun 2004
Location: Laurel, MD USA
Posts: 5,898
Quote:
Originally Posted by marko View Post
Why spend so much time on it, just back up your data, get dban:

Darik Boot and Nuke http://sourceforge.net/projects/dban/

and wipe the disk and install Fedora 11 Official from scratch.

(installing F11 fresh would likely wipe out bad stuff on the disk but running the
dban would pretty much make sure)
PS. if you use DBAN, use the quick wipe option and not the slower DoD or other
intensive wipes, the quick one just does a single null overwrite, it's much faster than the others which try to write random characters.
Reply With Quote
  #13  
Old 29th June 2009, 10:25 PM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
Thanks, Marko:

My problem is now trying to get an installable version of FC11. LiveCDs and DVDs I've downloaded don't seem to "want to work".
Reply With Quote
  #14  
Old 29th June 2009, 10:45 PM
Dan Offline
Administrator
 
Join Date: Jun 2006
Location: Paris, TX
Posts: 22,843
Hmmm.

First things first. If you're going to keep trying to boot the F11 system ... Jerk the LAN connection out of the back of the box! Then resign yourself that you've lost your install, and nuke the drive. If you've been root-kitted, you can no longer trust anything on that drive.

Nuking looks like your only option. I'm not seeing an upside to continuing the struggle. The current install just plain isn't working, and you've got some evidence that the system is NOT under your control.

SO nuke the drive, format it as a storage drive, download and VERIFY new install media, use the liveCD to burn them, then after you've got a good copy, nuke the drive again, shut down the liveCD, and reboot with your new install media. If your new downloads won't pass muster, DL and check them on a different system with a known good OS.

If it was me ... I would no longer trust any data on that suspect drive either. I'd just nuke it. But ... I've also got reasonably recent data backups, too.
Reply With Quote
  #15  
Old 30th June 2009, 01:12 AM
robertgray86 Offline
Registered User
 
Join Date: Oct 2007
Posts: 44
Nuking it All

Dan:

Thanks for the advice. I was trying to download a non-fedora LiveCD and the browser went down...

I have some deadlines to meet workwise, so I'm stuck with LiveCDs for now. Good thing about Fedora's LiveCD - I can at least plug in CDs, DVDs, and USBs and upload my work files.



Regards
Reply With Quote
Reply

Tags
fc10, fc11, freezes or hangs, spamming, upgraded, virus

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Net-SNMP does not work after upgraded to FC11 christopherchiu Using Fedora 0 1st October 2009 06:09 PM
FC11: system freezes when running mplayer.i586 0:1.0-0.109.20090329svn.fc11 Sam- Using Fedora 6 1st July 2009 01:42 AM
Upgraded to FC10, having video problems, go figure! mikeydeeeee Installation, Upgrades and Live Media 7 14th June 2009 08:58 PM
Upgraded from FC9 to FC10 - GRUB Issue jalambert Installation, Upgrades and Live Media 3 10th December 2008 01:18 AM
FC4 System Freezes / Hangs mongenix Using Fedora 0 20th March 2006 07:37 PM


Current GMT-time: 06:56 (Saturday, 19-04-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat