Since updating to F41, I see this icon (the screencast one shown at the bottom of the post) every morning after waking up. It’s been very constant the past months; it’d show up every morning since November, then it stopped for a while during all of December, until now, it returned today again).
I really don’t do anything that could introduce malware in case it was one. Everyday for the past entire year I’ve been using only LibreOffice, Brave and Lutris for World of Warcraft. I haven’t installed or downloaded anything suspicious from the internet, except some of the games I have in Lutris. I got them all like 6 years ago while using Pop_OS! and never had issues, I got them all exclusively from Elamigos and Fitgirl repacks, no other. I do remember getting Silent Hill The Room from Fitgirl around the time Silent Hill 2 Remaster came out this year, after a 6 years hiatus of installing any game, but outside those downloads, everything I download comes from Fedora’s Software, nothing else. I like to keep my laptop as clean, organized and minimal as possible, I only have one startup app, MEGA Sync, and that’s it.
I ran clamav and it said it found these viruses:
/mnt/Games/Games/TheSims4/Game/the-sims-4/drive_c/windows/syswow64/wbem/wbemprox.dll: Win.Dropper.Malwarex-10037125-0 FOUND
/mnt/Games/Games/TheSims4/drive_c/windows/syswow64/wbem/wbemprox.dll: Win.Dropper.Malwarex-10037125-0 FOUND
/mnt/Games/Games/cuphead/drive_c/Games/BioShock Infinite/Binaries/Win32/steam_api.dll: Win.Tool.Gamehack-9886010-0 FOUND
I deleted all the programs claimed to be infected, Sims 4, Cuphead/Bioshock Infinite, and moved on.
My Fedora has been weird overall, my keyboard’s drivers fail as discussed in my other post from months ago, although I bought a new keyboard and I’ve been surviving with it. I feel like it’s a software problem, because the laptop keyboard is stable in certain situations, I can get it to be stable sometimes too, and I also opened my laptop to clean it and it wasn’t really dirty.
I’ve been trying to detect any suspicious process running while this happens, but I get lost in the hundreds of processes that belong to the kernel/machine and I don’t understand. Is there a quicker way to diagnose cases like these? Next time it happens I will copy and paste all the current running processes from ps -aux
, paste them in a spreadsheet column, then stop the screencast by clicking on the icon of the screencast, and then copy and paste again, see which process is the missing one and could be the one causing this, although I tried this for the keyboard issue and didn’t know what to do next, the processes seemed related to kworker, something like that, it wasn’t a third-party, but part of the kernel/distro/machine.
This is just a theory, I’m not experienced enough yet to come to conclusions, but, since the day Linus Torvalds removed/reverted all the russian commits from Linux around November, seems like problems have been popping up, but I’m not sure if they could be related to that and we are just enduring the errors while they’re getting fixed, it’s just that the coincidence throws me off. I’m not condemning, blaming or anything like that, I actually support the safety of developers over anything else, just pointing out this possible connection; does this have merit or nah, not really?