Complete.Org: Mailing Lists: Archives: discussion: April 2000:
[aclug-L] Re: Repeat of virus warning
Home

[aclug-L] Re: Repeat of virus warning

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: Repeat of virus warning
From: Greg House <ghouse@xxxxxxxxxxxxx>
Date: Fri, 7 Apr 2000 23:57:48 -0500
Reply-to: discussion@xxxxxxxxx

On Fri, 07 Apr 2000, you wrote:

> As far as KDE goes, the bug would have to be in a setuid program,
> which I do not believe the mailer would be, so that pretty well
> eliminates that option.

I'm using KDE on a Mandrake 6.0 system. I just checked kmail and it's
definitely not setuid. kppp is, but not kmail.

> Therefore we are left with the hardware failure theory.  I

<snip>


> "Michael A. Holmes" <maholmes@xxxxxxxxxx> writes:
> 
> > last monnt, I downloaded varicad and put it in the root directory
> > Tonight I get an email from them.  When I opened it, a terminal window came 
> > up and the follownig was in it.:
> > 
> > >su
> > >my secret password was typed in and then accepted
> > root@/home/mike> fdisk /mbr
> > root@/home/mike>
> > 
> > at this point, my hard drive went nuts.  I pressed the power button.
> > whent I rebooted, it went into linux, but could not find /hda9 or 10 my 
> > /home and /stchuff drives.  Pine was the only email client I could pull up. 
> >  I tried to send this email.  But I see it never made it.  Now windows is 
> > the only thing left on the computer.  I cannot even get linux to come up.

Ok, I haven't been closely following this thread, so forgive me if this has
already been covered but...

1) fdisk doesn't have a /mbr option under Linux, that's a DOS thing. And...even
if it DID do what the DOS fdisk /mbr command does....it wouldn't corrupt your
partition table. All that does is rewrite the master boot record.

2) I'm confused about your definition of the problem. You don't need /home or
/stchuff to run Linux, so what's preventing Linux from coming up? Is it stuck
at the mount commands for those (non-essential) mount points? Can you boot it
in single user mode?

3) If not, have you tried booting from a floppy, like the Slackware install
set, or the Tom's rescue disk one someone on this list mentioned awhile back?
That might let you diagnose the problem with your hard drive (or at least check
out the damage). It would be interesting to see what fdisk thinks is
partitioned on it at this point.

4) Do you still have the offending mail message? If so, can one of us analyze
it to see if it contains anything strange?

Greg

-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]