Corrupted or Virus in User Directory
JD
jd1008 at gmail.com
Fri Oct 15 17:26:04 UTC 2010
On 10/15/2010 07:48 AM, Jim wrote:
> Fc13 - 14 / KDE
>
> I have three users on this box
>
> root
> jim
> jan
>
> 'Jim' user directory is corrupted or virus in it.
>
> You can be clicking on different windows, apps and the the screen
> freezes and no matter what you click on , nothing happens,
> in seconds or minutes it unfreezes and you can get back to work.
>
> But !! , the Mouse cursor can be moved around the screen during freeze
> time.
>
> The problem is definitely in the Jim user directory.
>
> I can go into the root or jan home directories and work and the screen
> never freezes .
>
> I also deleted the ,kde directory to see if that was the problem , but
> it did not help, it still freezes .
>
> I ran 'top' and could not see anything hindering the CPU .
>
> I replaced FC 13 with 14 to see if that would make any difference, and
> had the same effect.
>
> I guess I will have to Save the Users files and make a new Home for Jim.
When Jim logs in, and the screen freezes,
login as root on the console, and do a ps -wwef | grep jim > /tmp/ps.jim
Next, do the same for Jan.
Compare the ps outputs to see just exactly what processes
jim is running that jan is not.
One or more of those processes might be the culprit(s).
If you do find these processes, check Jim's shell rc files
like
.bash_logout
.bash_profile
.bashrc
see if he might be invoking the errant process from these files.
If nothing found in the rc files, you have to suspect that one
or more app he is running may be infected, and should be replaced.
top will not should what is causing the freeze, only who is using
most cpu and who is using most ram ....etc.
Another thing to try is, when jim logs in, disable the network.
if it no longer freezes, he is running a program that is also
dependent on the network - without the network, the program
is crippled. Find out which program.
More information about the users
mailing list