thanks fedora

Tanmoy Chatterjee tachchot007 at gmail.com
Sat Sep 25 14:09:24 UTC 2010 

On Sat, Sep 25, 2010 at 4:04 AM, Robert Holtzman <holtzm at cox.net> wrote:
> On Fri, Sep 24, 2010 at 11:58:21PM +0530, Tanmoy Chatterjee wrote:
>> On Fri, Sep 24, 2010 at 3:03 AM, Robert Holtzman <holtzm at cox.net> wrote:
>> > On Thu, Sep 23, 2010 at 08:53:23PM +0530, Tanmoy Chatterjee wrote:
>> >> On Thu, Sep 23, 2010 at 3:30 AM, Robert Holtzman <holtzm at cox.net> wrote:
>> >
>> >            ........snip......
>> >>This makes me think that the hidden process might be
>> >> some kind of virus as there is no operation pending with the PD to my
>> >> knowledge.
>> >
>> > Does the output of "ps aux" indicate anything?
>>
>> "root      8597  0.0  0.0      0     0 ?        S<   21:50   0:00 [scsi_eh_4]
>> root      8598  0.0  0.0      0     0 ?        S<   21:50   0:00 [usb-storage]
>> root      8637  0.0  0.1   5180  1788 ?        S    21:50   0:00
>> hald-addon-storage: polling /dev/sdb (every 2 sec)" - this is the ps
>> aux output and /dev/sdb is the PD.
>
> Did you try killing 8598? If it screws you up you can always reboot
> (would someone please jump in if I committed  a Karl).
>
>>
>> >
>> >
>> > Does your PD have more than one partition? If so, I'm told (if I
>> > understood it right), "unmount" will not unmount all partitions which
>> > would account for the light staying on. "Safely Remove....." will. Also,
>> > all the pen drives I have used only display a light when they are being
>> > read or written to. Not constant.
>> My PD has only a single partition and it displays a constant light.
>> Two things I noted today - in Fedora: clicking /Places/Computer shows
>> the file systems including the PD. Here right clicking the PD icon
>> will come with 2 option one is 'eject(=unmount)' and the other is
>> 'safely remove'. Selecting eject will just unmount the volume from
>> file system or /home but /Places/Computer will still keep displaying
>> the PD icon. But selection of 'safely remove' option makes the PD icon
>> disappear from /Places/Computer too.
>>
>> In Ubuntu: they don't have the 2nd option only 'unmount volume' option
>> is available. So, selecting that option only unmount the PD from /home
>
> What Ubuntu version are you running? My 10.04 only shows "SafelyRemove".
>
> A usb drive doesn't get mounted in home. It mounts in /media. I
> unmount/Safely Remove from the icon on the desktop.
>
>> but the icon remains in the /Places/Computer folder. Here if you want
>> to remove the PD manually from the USB port, you have to do so with
>> the icon still appearing in /Places/Computer folder.
>> >
>> > Out of curiosity, what kind of files did clamav find infected? Mail
>> > files? Personal data files? System files? Configuration files?
>> "/media/xyz/xrdygg.bat: Trojan.Crypt-119 FOUND
>> /media/xyz/scvhost.exe: W32.Autoit.Obfus-2 FOUND
>> /media/xyz/MIsc/MIsc.exe: W32.Autoit.Obfus-2 FOUND
>> /media/xyz/autorun.inf: Worm.Autorun-1792 FOUND"
>> This is the part of output clamav had produced when I ran it on the PD.
>> Looking for your suggestions - thanks.
>
> How long have you been using Linux? Are you not aware that these are all
> Windows malware and won't run in Linux? Of course if you sent email to
> any Windows users you also probably sent them the worm (if not the
> rest). I can just about guarantee that your problem isn't caused by
> malware.
Thanks for your enlightening remarks - .exe => windows executable -
now I know, but I don't get my answer of why the PD keeps displaying
light even after the selection of unmount option in Ubuntu 9.04.
>
> To sum up, it looks like you have a lot of homework to do.
>
>> >
>> > --
>> > Bob Holtzman
>> > Key ID: 8D549279
>> > "If you think you're getting free lunch,
>> >  check the price of the beer"
>> >
>> > -----BEGIN PGP SIGNATURE-----
>> > Version: GnuPG v1.4.10 (GNU/Linux)
>> >
>> > iEYEARECAAYFAkybx6sACgkQv5BYD41UknkPmQCbBiPeaPOaptSWQTf7F2ekHNcy
>> > dsAAoMRoh3x/MEe/C3Y3wLoPc8Pv/4kh
>> > =h4oh
>> > -----END PGP SIGNATURE-----
>> >
>> > --
>> > ubuntu-users mailing list
>> > ubuntu-users at lists.ubuntu.com
>> > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>> >
>> >
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
> --
> Bob Holtzman
> Key ID: 8D549279
> "If you think you're getting free lunch,
>  check the price of the beer"
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEARECAAYFAkydJ1sACgkQv5BYD41UknkL2ACgmdPQvpm7gLwwURV2JSIPkEze
> 81oAn1XTheZl0oJvzv9m2MnF0urkiwVj
> =BFlx
> -----END PGP SIGNATURE-----
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
>

More information about the ubuntu-users mailing list