Post mortem of a virus :)


 
11-07-2008

Hi,

My pen-drive got infected with a virus when I used it on a Windows system.

When working on a Fedora system, I could view the files that the virus created, and the virus exe file itself.
I navigated into the pen drive using the bash prompt, and opened the virus exe file with the vi editor. I deleted all the lines in the file and saved the file. Now the file contains nothing :) (details of the files and folders provided below)

The trouble is that I'm not able to delete the file.
The folder that contains the two virus files shows this for an ls -l:

-rwxr-xr-x 1 p913001 root 19 2008-11-03 00:32 Desktop.ini
-rwxr-xr-x 1 p913001 root 29 2008-11-03 00:33 ise32.exe

Question 1:
I've tried modifying the file permissions with chmod, but still couldn't delete the file. How do I delete it?
Question 2:
If I simply delete these files from the pen drive, can I consider my pen drive virus free? (Additionally, since the ise32.exe file now contains nothing, does it mean that the virus is dead?)

Details:
The root folder of the pen-drive contained an autorun.inf file which the virus created. I deleted that file.
There's a folder called 'restore' which I can't delete. This 'restore' folder contains a folder called 'S-1-5-21-1482476501-1644491937-682003330-1013'. It is this S-1-5-21-1482476501-1644491937-682003330-1013 folder which contains the Desktop.ini file and the ise32.exe file.
 