Registered: Feb 2006
Location: Kalamazoo, Michigan, in what used to be the USA
Distribution: (Ex-Ubuntu due to Unity), Debian Squeeze, Bodhi w/ E-17 "Stable", MacPup525, Legacy (TeenPup) Live
May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix
Barely post-newbie, came to linux from Mac and then Windows, have been using Ubuntu almost exclusively for just over a year. Good brain for problem-solving, still on the steep side of the Linux learning curve, and a mostly cook-book level of CLI use.
Asus mobo, 1.6GHz, 1.5GB, Intel 32, running Ubuntu Fiesty (7.10), and Firefox w/Adblock, Fasterfox, NoScript, and Ubufox extensions (I think it's version 126.96.36.199, but I'm not sure, and I don't dare open it to check the version, as it will probably mean shutting down the box for ANOTHER hard boot. I have recently had a very occasional BIOS beep code for "video ram or video card problem", but it's an older box, and I've been living with it. I don't think this is related to the current problem.
I was tired, chasing down info about HTML, and allowed NoScript temporary permission to run a script on a site that seemed harmless enough, and wasn't loading the content promised. Got an immediate freeze on the page, had to push the big button on the box-front. Cursing ensued. Since then, standard Ubuntu programs I try to use gradually grind to a halt, with the error message that the "(program) is not responding". Waiting doesn't help. I have to "force quit". Firefox is the hardest hit, but I can't even get a Gnome terminal. I have to hit alt-F2, and type in "xterm" to get any terminal at all. At boot, the login system sound repeats, and the screen flashes twice, as though it were loading an extra desktop. Overall performance would also suggest this. The Firefox logo on the application bar above the desktop comes and goes, sometimes replaced by the Opera logo, which is not the default browser. At the last boot attempt, the desktop did not load either of the taskbars. Opera is able (-so far!) to stay up and function normally. Bless Norway.
Also, I haven't backed up the last few days work coding web pages off-site, or even off the computer.
What I've done so far:
Typing in terminal, "ps -AT", and "top", I learned that there was a zombie process running. Found a zombie-hunting code string on the web, posted by someone gobs more knowledgeable than me, and used it. Found a process ID, and typed "kill -9 (process#)". This does not seem to have fixed the problem AT ALL.
I've been all day trying to fix this. I'm not much good at the command line. My web searches just turned up gobs of Windows apps, Windows articles with some passing reference to Linux, and two-year-old happy talk about how Linux is bomb-proof, and you'll never have to worry about malware. The few articles I found that seemed like they might touch on the problem swiftly descended into opaque (-to me!) technical jargon.
This may not be about malware. I'm barely ignorance-deficient enough to realize that I may be reading this entirely wrong. However... It sure as Hel reminds me of when my old Windows partitions would pick up something nasty, before I learned about Spybot S&D, Avast, etc. The behavior of this box is very similar, if you'll pardon the anthropomorphizing. It's not the slowness that I notice so much as the unpredictability. That, and the fact that Opera continues to run fine, leads me to think of malware, targeting the ever-more-popular Firefox.
What I'm really after is some sort of comprehensive approach to detecting and cleaning up whatever the problem is. I've already spent much of the day cursing myself for getting sloppy with NoScript, but if anyone really feels the need to give me more grief on that score, be happy.
Most of my box is backed up, and could be re-loaded. The main thing I want to salvage are the web pages I've been working on for the last week, and my bookmarks. If I could do that, I'd be fine if the fix involves burning down the HDD, re-installing, and then listening to stern admonishments to "Never, EVER do that again!" Any help on this would be greatly appreciated. In particular, if anybody could recommend good Linux malware-killing tools?
One thing just occurred to me. In Ubuntu, is the default password / user setup essentially "running as root"? If so, I may have to fix that somehow. Anyway, thanks in advance! Later.