Author Topic: [SOLVED] Updating sources.list - Malware?  (Read 501 times)

Offline A. G. Olphart

  • Jr. Member
  • **
  • Posts: 14
[SOLVED] Updating sources.list - Malware?
« on: February 17, 2011, 01:38:28 PM »
I successfully changed Synaptic's sources.list on one machine (per post 241 in the Ibiblio moving thread).

THEN I went for my Win2K/PCLOS dual boot machine.  
First weirdness noted was not being able to log into Root's terminal; upon entering the root password, no terminal, no bad password notification, just a flash on the screen and it was as if I hadn't requested a terminal.

Finally used another terminal as root, and backed up sources.list; after figuring out that my copied and pasted list from post 241 had to reside in my home folder (tried putting it a couple layers down), it installed.

Upon running Synaptic, I was informed that it didn't like the lead characters of the new list.  In trying to get to the list in synaptic to delete the games entry (and anything that may have been ahead of it), I managed to lock up the machine, and then my mouse pointer arrow turned into a skull.  
I pushed reset, then cut the power.  

I run a separate home partition, and could reinstall, but will the malware (if any) be in the home partition also?  Is my Win2K safe in its partition?

I doubt that the skull pointer was benign, so...  what next?  


 


« Last Edit: February 17, 2011, 04:49:59 PM by A. G. Olphart »

Offline Bald Brick

  • PCLinuxOS Tester
  • Hero Member
  • *******
  • Posts: 6380
  • I'm going South
Re: Malware? Now what?
« Reply #1 on: February 17, 2011, 02:02:08 PM »
From that it is impossible to figure out what you've done or tried to do.

First, "sources.list" should not reside in your home folder but under /etc/apt.

Precisely what did you do when you failed to "log into Root's terminal"? Did you open a terminal and su to root? Or did you try to log in as root?

Pressing Ctrl+Alt+Esc would have given you the skull pointer and clicking on a window with that pointer would kill the program owning the window. It isn't precisely benign but sometimes very useful.  ;)

 :)
« Last Edit: February 17, 2011, 02:08:38 PM by Bald Brick »
Feed the trolls!
They need it!

AMD Athlon 7450 Dual-Core Processor, 7.80 GiB RAM, Nvidia GeForce GT 120/PCIe/SSE2, OpenGL/ES-version: 3.3 0 NVIDIA 295.40, SBx00 Azalia (Intel HDA) soundcard, Logitech B500 webcam, SAA7146 DVB card, HDDs: Seagate 250824AS, Western Digital WD10EAVS-00D

Offline Neal ManBear

  • Administrator
  • Super Villain
  • *****
  • Posts: 15847
  • LXDE! Coffee, Bacon and Cheesecake!
Re: Malware? Now what?
« Reply #2 on: February 17, 2011, 02:37:01 PM »
Not malware. ::)
http://www.pclinuxos.com/forum/index.php/topic,86168.240.html   -- From post 241:
Quote
1) copy/paste the text quoted below into an empty document and save it as sources.list in your home directory
2) not just minimize but properly close Synaptic if it is open,
3) as root backup your original sources.list (which may contain your PASS info):   cp /etc/apt/sources.list /etc/apt/sources.list_orig
4) as root copy the file sources.list from step 1 to /etc/apt/sources.list overwriting the existing one.


Note that there are 3 steps after you save to your home directory. Steps 3 and 4 need to be done as root -
(3) Open terminal. Enter su, type the <Enter> key, give root password at the request for it and type the <Enter> key. At the root prompt, enter the command cp /etc/apt/sources.list /etc/apt/sources.list_orig and type the <Enter> key. This will create a backup copy of your original sources list, named sources.list_orig.
(4) Enter the command cp /home/<your user name goes here>/sources.list /etc/apt/sources.list and type the <Enter> key. This will create your new sources list.

From what you posted, it looks like you tried to update using the old list.

Offline kjpetrie

  • PCLinuxOS Tester
  • Hero Member
  • *******
  • Posts: 3991
Re: Malware? Now what?
« Reply #3 on: February 17, 2011, 03:23:19 PM »
Check your partitions are not full, and perhaps boot from a livecd and run fsck on your unmounted partitions as well.

Please explain exactly how you tried to run in a terminal as root. Was this a virtual terminal (Ctrl+Alt+F1-6), a terminal emulator within the GUI, and if so which emulator in which desktop?

The lock ups suggest all is not well resources-wise, and it also sounds as if you managed to launch XKill without realising it.
-----------
KJP
-----------------------------------------------------------
PClos64 RC1 on Intel D945GCLF2 motherboard (Atom 330), 2GB DDR2 RAM, Maxtor STM325031, HL-DT-ST DVDRAM GSA-H42N, Amilo LSL 3220T monitor. Also Acer 5810TG (with custom kernel) and Asus eeePC 2G surf

Offline A. G. Olphart

  • Jr. Member
  • **
  • Posts: 14
Re: Malware? Now what? (solved)
« Reply #4 on: February 17, 2011, 04:45:25 PM »
Thanks guys, I think it's OK now.   Still don't know why the Root console (off GUI list) doesn't like my root password but Konsole thinks it is right.  Oh, well, what's a Luser to expect. ;D

Sorry my post was so confusing.  I was tired out last night when the list update failed, and my memory is none too great when I'm fully awake.

The explanation for the skull gave me the nerve to go back and hit it again. 
Clicking on 'repositories' in synaptic locks the machine rather than allowing the field to be edited, so I had done CTRL-ALT-ESC (with somewhat unexpected results). :o 
Works nicely when the skull is expected.
 
My real problem had been using Abiword to try and move the list; although the text in Abiword shows only the list, the file starts out with '<?xml' and a lot of other garbage saying that it is an Abiword file. 
I copied the text into Kwrite, saved it to /home/ag/sources.list, and finished out per Pinoc's post.

Thanks Again...  looking across the room, I see that the updates have completed.


A. G.
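
Added example, not part of the original thread: a shell sketch that vets a saved sources.list before it replaces the live one, which would have caught the word-processor file starting with '<?xml', and then performs the backup and copy from steps 3 and 4. The function names, the accepted line types (rpm, rpm-src, deb, deb-src) and the mirror.example entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names): check a candidate sources.list,
# then back up and replace the live file only if the candidate is clean.

# Assumption: a repository entry starts with one of these type keywords.
repo_re='^[[:space:]]*(rpm|rpm-src|deb|deb-src)[[:space:]]'

# check_sources_list FILE -> 0 if every line is blank, a comment or a
# repository entry and at least one entry exists; non-zero otherwise.
check_sources_list() {
    candidate=$1
    [ -f "$candidate" ] && [ -s "$candidate" ] || {
        echo "missing or empty: $candidate" >&2; return 1; }
    # A word-processor save starts with markup such as '<?xml', not an entry.
    bad=$(grep -n -v -E -e '^[[:space:]]*(#.*)?$' -e "$repo_re" "$candidate" | head -n 1)
    if [ -n "$bad" ]; then
        echo "unexpected content at line $bad" >&2
        return 1
    fi
    grep -q -E "$repo_re" "$candidate"
}

# install_sources_list CANDIDATE TARGET
# Steps 3 and 4 from the quoted instructions: copy TARGET to TARGET_orig,
# then overwrite TARGET. Nothing is touched if the candidate fails the check.
install_sources_list() {
    check_sources_list "$1" || return 1
    if [ -f "$2" ]; then cp -p "$2" "${2}_orig" || return 1; fi
    cp "$1" "$2"
}

# Constructed demo in a scratch directory; no real system file is touched.
demo_dir=$(mktemp -d)
printf '<?xml version="1.0"?>\nrpm http://mirror.example/apt pclinuxos/2010 main\n' \
    > "$demo_dir/from_wordprocessor"
printf '# constructed entry\nrpm http://mirror.example/apt pclinuxos/2010 main\n' \
    > "$demo_dir/plain_text"
printf 'rpm http://old.example/apt pclinuxos/2010 main\n' > "$demo_dir/sources.list"
install_sources_list "$demo_dir/from_wordprocessor" "$demo_dir/sources.list" \
    || echo "rejected, live list untouched"
install_sources_list "$demo_dir/plain_text" "$demo_dir/sources.list" \
    && echo "installed, backup saved as sources.list_orig"
rm -rf "$demo_dir"
```

On a real system the call would be made as root with the saved file and /etc/apt/sources.list as the two arguments.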