Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Post mortem of a virus :)
Top Forums UNIX for Dummies Questions & Answers Post mortem of a virus :) Post 302255824 by sdsd on Friday 7th of November 2008 08:08:31 AM
Old 11-07-2008
Post mortem of a virus :)
Hi,

My pen-drive got infected with a virus when I used it on a windows system.

When working on a fedora system, I could view the files that the virus created, and the virus exe file itself.
I navigated into the pen drive using the bash prompt, and opened the virus exe file with the vi editor. I deleted all the lines in the file and saved the file. Now the file contains nothing Smilie (details of the files and folders provided below)

The trouble is that I'm not able to delete the file.
The folder that contains the two virus files shows this for an ls -l

-rwxr-xr-x 1 p913001 root 19 2008-11-03 00:32 Desktop.ini
-rwxr-xr-x 1 p913001 root 29 2008-11-03 00:33 ise32.exe

Question 1:
I've tried modifying the file permissions with chmod, but still couldn't delete the file. How to delete it?
Question 2:
If I simply delete these file from the pen drive, can I consider my pen drive virus free? (additionally, since the ise32.exe file now contains nothing, does it mean that the virus is dead?)

Details:
The root folder of the pen-drive contained an autorun.inf file which the virus created. I deleted that file.
There's a folder called 'restore' which I can't delete. This 'restore' folder contains a folder called 'S-1-5-21-1482476501-1644491937-682003330-1013'. It is this S-1-5-21-1482476501-1644491937-682003330-1013 folder which contains the Desktop.ini file and the ise32.exe file.
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

do i have a virus???

nice board, makes interesting reading! glad to know im not the only one to have problems!! :D :D last week, our database started to crash (run on unix / solaris) for no apparant reason. the problem seems to be intermiant which lead us to believe it may be a hardware problem causing the... (2 Replies)
Discussion started by: mdma
2 Replies

2. UNIX for Dummies Questions & Answers

virus????????

i tought you can;t get virus in unix ? i have some admins buddys that work in bsd all he time and they sayed you can;t get viurs in unix is that true? download.com is putting virux updates out for mac OS X ................ (7 Replies)
Discussion started by: amicrawler
7 Replies

3. UNIX for Dummies Questions & Answers

Virus !!!!!!!!!!!!!!!!!!!

can linux get a virus on the boot sec from windows? becuse my buddys computer micro trend cmos virus keeps telling him that there is a boot sec virus on my hdd is that possable or is the box being dumb and looking at the linux boot as a virus? it was set up as a windows box not a linux... (4 Replies)
Discussion started by: amicrawler2000
4 Replies

4. UNIX for Dummies Questions & Answers

Worm Virus

I am running Unix SCO and have discovered the worm virus. It is enabled through a BIOS connections, I am able to get around it using telnet, believe it or not. - Can anyone recommend a virus scan software? - Has anyone successfully used a virus scan software on unix without a problem? ... (2 Replies)
Discussion started by: ana_cr32
2 Replies

5. UNIX for Dummies Questions & Answers

unix and virus

why one normally hears tht virus has stuck windows and one does not hear that unix has been stuck by virus...wht make unix so powerfull tht virus does not stuck it. (9 Replies)
Discussion started by: taurian1234
9 Replies

6. Windows & DOS: Issues & Discussions

virus help:

:confused: folder option is dissapiaring in tool menu iam formatting c drive after removal of this virus & also regedit is also not opening the messerge say's administrater disabled with out formattiung how ican solve this problem i.e iwant to get folder options& regedit (2 Replies)
Discussion started by: seshumohan
2 Replies

7. UNIX Desktop Questions & Answers

Virus and Malware

How do i manage virus and melware in Unix ? (2 Replies)
Discussion started by: Suriano10
2 Replies

8. AIX

Post mortem for critical Production AIX System Reboot/Crash

Hello All, Critical AIX production box crashed/rebooted while our team is working on it and we need to generate a detailed report for that, below are few questions that need to be included in the report. (We are System Administration team and everyone in our team has root access via sudo as well... (3 Replies)
Discussion started by: lovesaikrishna
3 Replies

9. Windows & DOS: Issues & Discussions

Windows XP keeps getting virus

Hi All, My old laptop has Windows XP. I reinstalled only last month and installed AVG free anti-virus. It's like every month, I get some kind of spyware or virus issue. which anti-virus software you guys using? Thanks. (8 Replies)
Discussion started by: samnyc
8 Replies

LEARN ABOUT DEBIAN

maketext

MAKETEXT(1p)						User Contributed Perl Documentation					      MAKETEXT(1p)

NAME

       maketext - translate and make messages

SYNOPSIS

	 maketext [OPTION] [--domain=TEXTDOMAIN] MSGKEY [PARAM...]
	 maketext [OPTION] -s MSGID [PARAM...]

DESCRIPTION

       The "maketext" script translates a natural language message into the user's language, by looking up the translation in a message MO file,
       and process the plural transformation with Maketext.

       The "maketext" script is a command-line interface to Locale::Maketext::Gettext(3) (and Locale::Maketext(3)).  It can be used in shell
       scripts, etc, to translate, maketext and return the result.  By this way, it enables Maketext to be integrated into other programming
       languages/systems, like bash/csh, python, PHP, C, etc.  It works like the command-line program gettext.

       For example:

	 % maketext -s "[*,_1,virus was,viruses were] found in [*,_2,file,files]." 0 1
	 0 viruses were found in 1 file.
	 % maketext -s "[*,_1,virus was,viruses were] found in [*,_2,file,files]." 1 3
	 1 virus was found in 3 files.
	 %

OPTIONS

       -d,--domain=TEXTDOMAIN
	   Retrieve translated messages from TEXTDOMAIN.

       -s  Adds a new line to the end of the output so that it behaves like the `echo' or the `gettext' command.

       -h,--help
	   Display the help messages.

       -V,--version
	   Display version information and exit.

       MSGKEY
	   The original text used to look up translated text.

       PARAM...
	   Parameters to Maketext for the plural and other text functions.

ENVIRONMENT

       TEXTDOMAIN
	   TEXTDOMAIN is used to determine the text domain when the -d parameter is not given.

       TEXTDOMAINDIR
	   TEXTDOMAINDIR is used to search the message catelog/MO file if it does not reside in the system locale directories.

NOTES

       Maketext language function override, like "quant" or "numerate", is not available here.	Suggestions are welcome.

       The current system locale directory search order is: /usr/share/locale, /usr/lib/locale, /usr/local/share/locale, /usr/local/lib/locale.
       Suggestions are welcome.

BUGS

       Report bugs to imacat <imacat@mail.imacat.idv.tw>

SEE ALSO

       Locale::Maketext(3), Locale::Maketext::TPJ13(3), Locale::Maketext::Gettext(3), Locale::Maketext::Gettext::Functions(3), bindtextdomain(3),
       textdomain(3).  Also, please refer to the official GNU gettext manual at <http://www.gnu.org/software/gettext/manual/>.

AUTHOR

       imacat <imacat@mail.imacat.idv.tw>

COPYRIGHT

       Copyright (c) 2003-2007 imacat. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same
       terms as Perl itself.

perl v5.10.0							    2007-03-28							      MAKETEXT(1p)
All times are GMT -4. The time now is 12:38 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy