[CentOS] Files being modified in /bin/

Mon Sep 26 14:27:57 UTC 2011
Micky L Martin <mickylmartin at gmail.com>

No Jeremy, reformatting is nonsensical, like doing anything without finding
the cause of the problem is!
You have to check out prelink if you still don't know about it, it can be
something amazing or ridiculous.
In my case, all evidence points to prelink!


To the guys using prelink and having experience with it.
So I did a further study and found out that it possesses some issues.

First, it doesn't randomly address the data, making applications prone to perl
security attacks. Secondly, its way of keeping track of address maps is
awkward, which becomes a few weeks older till it gets updated.
Thirdly, it's 'a very old styled' application. It was written back in the 90's
when computers were slow to make them fast. But with today's extraneous
processing age, its effects are long vanishing.
Lastly, I see a lot of people remove it in post installation process. Many
claim it sucks as it creates more problems than what it is supposed to do.

As I occasionally do a minimal install, I am not sure how it got installed
on this very box. Seems like 'yum update' or the kickstart did it.
But anyhow I disabled it already and I am gonna benchmark the system for
performance; needless to say, it will be removed from my desk.

It did pop like a jack in a box :P!

On Mon, Sep 26, 2011 at 7:11 AM, <m.roth at 5-cent.us> wrote:

> Jeremy Sanders wrote:
> > Micky L Martin wrote:
> >
> >> Because rpm and rpmverify also seemed to have been modified so I cannot
> >> trust 'rpm -V' package verification.
> >>
> >> Already did lsof and process tracing but to no avail. Does anyone have
> >> any idea how to find that culprit?
> >
> > Are you sure it's not prelink that's modifying the files? You can google
> > how to disable this.
> >
> > Boot from a CD to check the checksums or run rpm if you want a clean
> > environment.
>
> Don't really know about prelink, but I strongly agree with the last
> suggestion: boot from a CD, or USB key, or something *other* than your
> hard drive - your comments strongly suggest that you've been infected. You
> *do* have backups of your configuration and data (and home directories,
> etc)? If so, you might want to do a reinstall without formatting... and
> then, and only then, rerun grub-install.
>
>          mark