UNIX for Dummies Questions & Answers

Hi,

My pen-drive got infected with a virus when I used it on a windows system.

When working on a fedora system, I could view the files that the virus created, and the virus exe file itself.
I navigated into the pen drive using the bash prompt, and opened the virus exe file with the vi editor. I deleted all the lines in the file and saved the file. Now the file contains nothing (details of the files and folders provided below)

The trouble is that I'm not able to delete the file.
The folder that contains the two virus files shows this for an ls -l

-rwxr-xr-x 1 p913001 root 19 2008-11-03 00:32 Desktop.ini
-rwxr-xr-x 1 p913001 root 29 2008-11-03 00:33 ise32.exe

Question 1:
I've tried modifying the file permissions with chmod, but still couldn't delete the file. How to delete it?
Question 2:
If I simply delete these file from the pen drive, can I consider my pen drive virus free? (additionally, since the ise32.exe file now contains nothing, does it mean that the virus is dead?)

Details:
The root folder of the pen-drive contained an autorun.inf file which the virus created. I deleted that file.
There's a folder called 'restore' which I can't delete. This 'restore' folder contains a folder called 'S-1-5-21-1482476501-1644491937-682003330-1013'. It is this S-1-5-21-1482476501-1644491937-682003330-1013 folder which contains the Desktop.ini file and the ise32.exe file.

Why not format ie. mkfs it?

Well, Fedora doesn't provide the option to format a pen-drive.
As for mkfs, I'm worried if it'll format the pen drive in some format that I won't be able to use it on a windows system again....
What parameters could I use for the mkfs command to format the pen drive without any problem?

More importantly, I'd like to know how to delete those virus files and whether just deleting them gets rid of the virus?

Do I need to change the permissions from 'root' to something else? If so, how?

Well it is next to impossible to destroy your Pen drive with only software ( you might have to rewrite the partition table if anything failed, but it would still be ok) ... just try formatting it with fat32.... mkfs.fat32 (your commands might be different, never used fedora) And the data will be gone(EVERYTHING stored on the stick; if there is anything important back-up scan with ClamAV and then put it back on afterwards).

The permissions should be ok....

Hey, thanks a lot for the reply....could I get a confirmation about the Fedora part? One more thing....should I navigate into the root directory of the pen drive and then type mkfs.fat32 or can I do it from the root directory of the hard disk itself (I've got a feeling this is a stupid question, but I'm a unix newbie)

P.S: During this period of time, I took my pen-drive to a clean windows system, scanned it with Avast (and no virus was detected, probably coz I removed all the code from the exe file and I formatted it in windows)
But a friend borrowed it and got it infected again....this time, there's a wcluf.pif file and an autorun.inf file in the pen drive. It doesn't look like a virus to me, but I'm gonna try removing the contents of these two files too (Bless this VI editor)

Meanwhile, I'm repeating the question for the third time...if anyone knows the answer, please reply: the virus files weren't getting deleted, probably coz it had root permissions or something. The ls -l command output which I posted above shows it. How can I delete those files?

ok step-by-step ( do this on a root shell)

a) Find the device your USB stick is on
type "mount"
this will list all drives you have. Note where your USB stick is
(something like /dev/sdb1 ,etc... , starts with /dev/ ).
b) Then you should type "umount (path to your USB stick device, starts with /dev/,m the one you got in step 1 )"
c) then you type "mkfs.fat32 (path to USB stick device from a)


Note: you should not have any programs accessing your USB stick during the procedure or umount might fail...