Hi,
I had attached my pen-drive to a windows system, which led to loading of a
virus that creates a exe file in every folder that you open. Now to get rid
of that, I tried deleting the virus from my fedora system, however it just
won't go, and moreover it changes the access mode of the pen-drive to read
only on every delete attempt. I had tried this before and it worked, but
this time it is something different. Maybe the issue is specific to
pen-drives, because last time I tried this on a portable hard disk with
ntfs.
I have tried overwriting the exe files using the dd command (find -name *\
.exe ./ -exec dd -if=/dev/zero or some text file of={} bs=512 count=some
count enough to override the file size \;) to get rid of whatever code is in
the virus.
After running the above command, ls -l does shows the new attributes of the
file in terms of size and modified date etc, however again when I delete the
file, the original attributes are restored.
Then I tried formatting it, however after a certain point the format fails,
because again the access mode changes to read only mode.
I then tried overwriting the whole disk with the dd -if=/dev/zero, but that
fails too after certain point for the same reason.
Now the pen-drive is in a state that even when I attach it to windows, it is
accessed in read-only mode and am unable to do anything except for read the
data from it.
I will send in more details from the logs once I get back to my system.
Until then, if anyone has any pointers, please let me know.
Regards,
Ashish
p.s the AVG anti-virus also was not able to delete that virus.
