I'm an idiot!
 

I'm comfortable enough with Linux to run Backtrack 5 on it but I did something boneheaded. My cousin wanted to Skype his old lady so I let him use the laptop because it's got a cam on it. I even launched Skype for him so he wouldn't have to mess with anything. About an hour later I take a break from gaming and head to the livingroom. He's watching movies on here from Lord knows what site(s). When I went to boot into the other partition there was some viewer that came up, which pissed me off, and I had to hard boot to get out of it. When I went to get back into Linux it came up again, I hit the shutdown for it and it gave me a black screen. I managed to get BT to launch using recovery but I've no idea how to find out what he's put on here or how to find it. Any suggestions would be appreciated. I don't want to have to back everything up and reformat. Thanks

Hello,

What about logs?

Ask him??

I'm assuming that at least some of what he did was using the web browser. Did you try clearing the history, cookies, etc.?

What is on that other partition?

Try examine all /var/log/messages, even the syslogs, the entries are dated so it is easier for you to isolate the portion of records to search into. Examine also the browser's history and the /tmp directory.

What appears when you boot to the BT? Can you post the entire /var/log/syslog that records the failing boot up? fellow members here might be able to help you detect the problem.

He doesn't know what he did. I did just notice, not ten minutes ago, that he'd allowed all scripts globally. I checked messages and syslog and the final entries on both are for August 19th. I've tried looking in /etc also but I don't see a sysinit file, I was thinking if I could find that then I could see what is loading and when. Whatever it is launches before I get to the point where I could enter my user name and password. I've got to do some running real quick, when I get back I'll restart the computer and see if I can get a name for the program that's running on boot. I don't know if that will help or not. I do appreciate the suggestions that everyone has given me. Please don't think ill of me for being as novice as I am and using a distro like Backtrack. I use it so I can learn and I consider this a learning experience. Thank you.

Upon boot failure (or any troubled boot) the /var/log/syslog right on records what is happening behind, it sure leads you to some certain clue, direct or indirect. Just cat them on:


Don't worry Linux Questions was created mainly for you and us.

Always welcome!

Hope that helps.

Good luck.

One thing
 

This should teach you, and anyone reading this that did not already know:
1. to prepare any machine they might want to loan with a 'guest' account or two (perhaps virtual) with no rights to change anything.
2. to make backups. Often. In rotations so you have multiple restore points available against need.

Do not feel bad, the people who know these things best have learned by painful experience. Some of us have had the experience of a CEO doing something like this with a business critical resource, then turning to IT and saying "WHY DID YOU LET ME DO THAT?", or worse, "WHAT DID YOU DO?"! This was a friend: much less painful, though still not fun.

A worthwhile reminder indeed 'wpeckham'.