unexplained pop-up on KDE desktop
1 Attachment(s)
I've started getting a pop-up on my KDE desktop. I've attached a screen grab of the display. I have no idea where this comes from and have been unable to resolve the issue described.
I've run the update utility and learn that all packages are up-to-date. I have tried all sorts of searching to discover anything that might suggest the source of this display. Again, no success. Can anyone explain: what this is and what to do about it? Stumped, ~~~ 0;-/ Dan |
The red flag that would come to my mind if that were my system is: is my computer infected with malware? Without actually going to any website, it would be good to find out where that "Later" link in the lower right corner of the popup leads to. You might want to do a full backup of your computer and then boot into a known clean configuration (e.g. live CD/DVD) and do a scan for malware.
|
Apper is a KDE thing no?
Open a terminal and see if it is running when the popul appears. Kill it and see if the popup goes away. |
Quote:
Most importantly, what distro are you using? is it Mint? version? and is KDE the only user interface you have installed, and, if you use several, does the message come up in all or just kde? and what kde version? (This pop up doesn't look anything like the apper that I have seen, but that could be just config or version differences). The two possibilities mentioned above - malware and multiple updater apps - seem the ones most obvious for investigation. If you have multiple updaters (apper mentioned), it can be the case that secondary updater isn't configured correctly for all the repos, depending on how good a job your distro has done (apper is a bit generic, and someone has to do the nitty-gritty bits of getting it to work with whatever packaging system your distro uses and I have seen it miss second or third level dependencies, in earlier versions and, if you have added non-standard repos yourself, that could be a factor). Have you tried finding out what is running at the time that the pop up comes up with, eg, system monitor or top or something (a command line util like top, etc, would probably be best, because you can send the output to a temporary file and compare the results when this pop up happens with the results when it doesn't; that might help)? |
Quote:
Quote:
Quote:
Quote:
Since I'm running Mint, I've tried mintUpdater and also synaptic looking for available updates. I did not find anything pending. I've also scanned log files for any indication of what is going on. Again, no joy. |
Quote:
Quote:
|
I'll do the things you mentioned and report back.
I've been running some form of Linux since the middle 90's without any scumware or malware troubles -- touch wood. This will be a first if it is in fact malware. ~~~ 0;-{ Dan |
Quote:
I still keep things up to date but also always remain vigilant against the possibility of malware being present. I'm careful where on the web I go and, if the website is not one I regularly visit, I check it against an online malware scanner such as http://sitecheck.sucuri.net/scanner/ before I go there. Further, the least little unexpected "mind of its own" behavior in my system will want me to check for malware immediately. |
Quote:
|
In general, you want to do anything you can to make it hard (and preferably impossible) for a hacker to attack your computer, and also keep looking for new tools that can make your defense that much better. |
Do you use Chrome or Chromium? If yes, could you check and kill every instance of it and see if the popup dissapears?
|
Assuming you are running X11, when it appears open a terminal and...
Code:
xprop |grep PID Then use ps to see what the process is, the parent(s), etc. There are other X utils and commands that will provide additional info but I have not used them in so long a time the memory fades... look through the man pages for X maybe? |
Quote:
I love the quote you use as your signature, and offer the following potential clarification. I believe that "freedom" and "liberty" are different concepts that are often confused. Absent chains, I'm "free" to swing my arms, but a civilized person does not have "liberty" to do so when another's nose is in the way. While in the military, I learned "secrets." Since I was not gagged, I was "free" to tell what I knew. However, on my oath and sacred honor, I was not at "liberty" to disclose, confirm or deny what I knew. Our Founders specifically used the words, "... life, LIBERTY, and pursuit of happiness ..." Our "liberty" has been and is being stolen. I am not at liberty to hire my neighbor because of the costs associated with all of the regulatory compliance for an enterprise with employees. I am not at liberty to teach what I know because of the mountain of regulations, permits and licenses involved. Of course I am free to pay my neighbor and share my knowledge, but I am at constant risk of prosecution. Respectfully, ~~~ 0;-Dan {/off topic} |
Quote:
... at last a practical diagnostic suitable for a novice or apprentice. Thanks, ~~~ 0;-Dan |
Quote:
It gets launched by init (process 1). Based on this, I believe it is legitimate and not malware. It is so persistent, that I want to get to the bottom. I searched my log files for any record of notifications. No joy. A review of the man-page reveals that one does not feed details to knotify on the command line. A test run reveals that it reads D-bus for information. I'm running Mint-16 so Apper is not running. mintUpdate.py is running. When system updates are available, I don't object to a notifier. I'm baffled by the fact that it is an on-screen pop-up and the details are not reflected in the system-tray notifier information. |
All times are GMT -5. The time now is 09:24 AM. |