Solved

SCRIP TO DELETE

Posted on 2004-04-12
5
1,391 Views
Last Modified: 2007-12-19
I use win xp I scan virus ,below is the list of file that infected it can not delete I go to safe mode it can not delete , If I connect this hardisk in linux machine , How can I write script to delete those file .
THANK  




E:\SOUNDMX.EXE Trojan horse Startpage.DM
E:\WINDOWS\MSSYS.EXE Trojan horse Downloader.Donn.N
E:\WINDOWS\PRECON~1.EXE Trojan horse Startpage.3.BH
E:\WINDOWS\E69JG3~1.EXE Trojan horse Startpage.3.BH
E:\WINDOWS\FVPROT~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\USERCO~1.DLL Virus identified I-Worm/Netsky.Q
E:\WINDOWS\FNTLDR.EXE Trojan horse Startpage.DM
E:\WINDOWS\312766.EXE Trojan horse Downloader.Nex.B
E:\WINDOWS\SYSTEM32\MTWIRL32.DLL Trojan horse Startpage.EM
E:\WINDOWS\SYSTEM32\OLEHELP.EXE Trojan horse Startpage.EN
E:\WINDOWS\SYSTEM32\MSREXE.EXE Trojan horse BackDoor.Jeemp.A
E:\WINDOWS\SYSTEM32\SYS.EXE Trojan horse Downloader.Delf.BD
E:\WINDOWS\SYSTEM32\SOUNDMX.EXE Trojan horse Startpage.DM
E:\WINDOWS\SYSTEM\121711.EXE Trojan horse Dialer
E:\WINDOWS\PREFETCH\IEXPLO~1.PF Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\KAZAAL~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BRITNE~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\KAZAAN~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BRITNE~2.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\HARRYP~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BRITNE~3.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\HARRYP~2.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BRITNE~4.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\HARRYP~3.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BR3060~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\HARRYP~4.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BRD650~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\HAE5A9~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BR44F8~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\HA4AE6~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BR5D6C~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\MATRIX~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BRB645~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BR6712~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EMINEM~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\BR73F6~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EMINEM~2.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EMINEM~3.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EMINEM~4.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EM3951~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\RINGTO~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EMC49B~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\RINGTO~2.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EMD815~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\ALTKIN~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\EM50BD~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\AMERIC~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\CLONIN~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\SADDAM~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\ARNOLD~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\WINDOW~1.EXE Virus identified I-Worm/Netsky.Q
E:\WINDOWS\PCHEALTH\UPLOADLB\WINDOW~2.EXE Virus identified I-Worm/Netsky.Q
0
Comment
Question by:teera
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 7

Assisted Solution

by:troopern
troopern earned 120 total points
ID: 10804037
the first question is, are you using NTFS or FAT32 as filesystem ?
If you are using NTFS you don't want to try using ntfs write support since it's quite unstable so far.

have you tried booting up with the XP install cd to use recovery console ? from this console you might be able to remove these worm files.
0
 
LVL 45

Accepted Solution

by:
sunnycoder earned 230 total points
ID: 10804041
Hi teera,

mount the drive
1. create a directoy to mount the drive
2. give mount command mount -t FAT32 /dev/hda3 /mount/directory

to remove files
1. sed 's:E\::mount/directory:' filelist .... to form complete path
2. cat filelist | while read name
   do
          rm $name
   done

Sunnycoder
0
 
LVL 7

Assisted Solution

by:troopern
troopern earned 120 total points
ID: 10804646
sunnycoder, that script would work just fine, if it is a FAT32 system. if it's a NTFS system it's not that easy.
0
 
LVL 45

Assisted Solution

by:sunnycoder
sunnycoder earned 230 total points
ID: 10804740
I agree ... NTFS support was not complete till 2.4  ... Did not check for 2.6
But FAT32 must not be a problem
0
 
LVL 7

Assisted Solution

by:troopern
troopern earned 120 total points
ID: 10805251
In 2.6 it's more complete than in 2.4, but it's not entirely stable on the write support side.
It can mess upp the entire disk since the rights issues are not compltely solved as far as I know.

A FAT system is no problem at all to handle in Linux.
0

Featured Post

Three Considerations for Containers

Containers like Docker and Rocket are getting more popular every day. In my conversations with customers, they consistently ask what containers are and how they can use them in their environment. If you’re as curious as most people, read our article on Experts Exchange.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question