On 01/03/2013 05:37 PM, Greg Freemyer wrote:
In general:
- Manually inspect the file, is it clearly innocuous? - look at its permissions, does it have the substitute user or group bits set - Get it's MD5, SHA1 and SHA-256 hash. (use md5sum, sha1sum, and sha256sum respectively) - Google search for the error messages and the hash values. - if the suspicious file has contents, submit it towww.virustotal.com for analysis (free). - run strings against the file, do you see strange strings in there
- thank you so much Greg - as an old-age home-user, this is way above my reach ................ /etc/crontab looks innocent : < PATH=/usr/bin:/usr/sbin:/sbin:/bin:/usr/lib/news/bin MAILTO=root # # check scripts in cron.hourly, cron.daily, cron.weekly, and cron.monthly # -*/15 * * * * root test -x /usr/lib/cron/run-crons && /usr/lib/cron/run-crons >/
................ and, thank you for not saying "rtfm" ............ thanks best regards -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org