I would love to but upon boot this morning I discovered my computer no longer knows what the UUID is for my hd. I already know what the issue is I don't think there is a way to fix the issue. Not unless I am able to change the folders that Linux tries to mount. If you are curious I think it is a Java-based JIT (Just-In0Time compiler) That takes about 8 mb's of drive space and adds the basic folders that Linux itself needs, to the folders except they aren't dir they are files so when the folder is accessed it reads the file then opens the symbolic link to the directory. This 8mb of space is then mapped to a portion of your ram, so when your computer is on it reads this info from the ram, when your computer is off (if you use another computer and forensically analyze it) it remains hidden in unused or slack space. Any forms of media short of CD's (not RW's) is immediately infected with this issue. All remote connections are also affected. I have found no way to prevent this from spreading other than to get rid of all electronics and start over or reinstall everytime you need to shut down. I think if you could dump the ram and format the hard-drive (not by scrambling data but by doing a all-bytes-to-one then all ones-to-zero) you may be able to get by it, but it is likely you will not, as I've noticed it kicks in on the 7int phase of boot. the only way I know of for something like this to happen is to infect the realtime clock and force it to emulate an 8245 RTC (One of the first RTC's) I know all this because I have fought this "infection" across 3 different PC's 2 mobile devices and a whole slew of different HD's. I know very little about computers in general so it is very amusing to me, the fact that by trying to defeat a virus/rootkit you infact would look like the one designing it. I laugh because the virus is written in such a way that it gives you just enough info to find the next step but all the files it uses appear to be encrypted using a simple XOR cipher. Unfortunately for all of us trying to figure out how to fix it the key appears to be about twice as long as the message (key=2lines forevery files=1lines)so as you may know the message is undecipherable even in theory. However if you happen to know several programmers with spare time on their hands I would love to get a chance to speak with a few of them. I would need to speak to programmers who know (one or more of): Java, Bios/Boot, C, Cryptography, ACPI. I am not likely to solve this issue on my own as I have never even written a script successfully (in windows or linux), and I'm not likely to post in forums as I hate dickheads (or todays equivalent of "The Telephone Tough-Guy"). So if you want to assemble a group of programmers and tackle an amazingly tough problem that seems to affect everything with an Intel or ARM processor. I think it isn't very effective on 64-bit machines, but I'm really not sure. I know it causes the NTLOADER to error when using windows, and usually manages to affect your Linux booting after one reboot. Also does not seem to affect Plan9. If you feel like maybe not an undertaking for you please feel free to email any programmers you know with a copy of my email address and a copy or summary of the info above. Thank you for your time and have a great day. Rob Romero
- Marcus Garvey - "With confidence, you have won before you have started." Stephen Leacock<http://www.brainyquote.com/quotes/authors/s/stephen_leacock.html> - "I detest life-insurance agents: they always argue that I shall some day die, which is not so." On Tue, Oct 27, 2009 at 7:17 AM, Pedro Villavicencio <pe...@ubuntu.com>wrote: > Thank you for taking the time to report this bug and helping to make > Ubuntu better. Please try to obtain a valgrind log following the > instructions at https://wiki.ubuntu.com/Valgrind and attach the file to > the bug report. This will greatly help us in tracking down your problem. > > ** Changed in: yelp (Ubuntu) > Importance: Undecided => Medium > > ** Changed in: yelp (Ubuntu) > Status: New => Incomplete > > ** Changed in: yelp (Ubuntu) > Assignee: (unassigned) => Ubuntu Desktop Bugs (desktop-bugs) > > ** Attachment removed: "CoreDump.gz" > http://launchpadlibrarian.net/34341725/CoreDump.gz > > -- > yelp crashed with SIGSEGV in malloc() > https://bugs.launchpad.net/bugs/460139 > You received this bug notification because you are a direct subscriber > of the bug. > > Status in “yelp” package in Ubuntu: Incomplete > > Bug description: > Binary package hint: yelp > > Can't get a "backtrace" because my synaptic manager doesn't have the > package... Even after following the wiki instructions step by step. I am at > a loss as I am using a livecd mailed to me from "ubuntu" > > ProblemType: Crash > Architecture: i386 > DistroRelease: Ubuntu 8.10 > ExecutablePath: /usr/bin/yelp > Package: yelp 2.24.0-0ubuntu2 > ProcAttrCurrent: unconfined > ProcCmdline: gnome-help ghelp:vinagre > ProcEnviron: > > PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games > LANG=en_US.UTF-8 > SHELL=/bin/bash > Signal: 11 > SourcePackage: yelp > StacktraceTop: > ?? () from /lib/tls/i686/cmov/libc.so.6 > malloc () from /lib/tls/i686/cmov/libc.so.6 > ?? () from /usr/lib/libcairo.so.2 > ?? () from /usr/lib/libcairo.so.2 > ?? () from /usr/lib/libcairo.so.2 > Title: yelp crashed with SIGSEGV in malloc() > Uname: Linux 2.6.27-7-generic i686 > UserGroups: adm admin cdrom dialout lpadmin plugdev sambashare > -- yelp crashed with SIGSEGV in malloc() https://bugs.launchpad.net/bugs/460139 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is a bug assignee. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
