Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

MS virus in Linux swap file


  • Please log in to reply

#1
PJJ

PJJ

    New Member

  • Member
  • Pip
  • 9 posts
My Linux/Linspire box has picked up a MS virus in e-mail and is holding it in the swap file.
I know the virus will not be able to affect my system but it might migrate to other MS computers, isn't it?

I attempted to quarantine the swap file.
Did not work.

I renamed the swap file.
It reverted back to old name.

How do I get the virus out of the swap file?
Any ideas, please?


PS: I have used Klamav and Virus Scanner to locate the virus.
  • 0

Advertisements


#2
Kemasa

Kemasa

    Nobody

  • Technician
  • 1,645 posts
The swap file is needed for the system. Typically with a Linux system the swap is a partition, but you can run it from file on a filesystem.

The swap is just temp. space to write pages from memory, so you could just boot to single user and wipe the file out.

What type of partition is the system running on? For the most part Windoze does not know about Linux partitions, so it can not spread, but if it is running from a partition which Windoze knows about, then it could.
  • 0

#3
PJJ

PJJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thank you for your input.

Linux/Linspire is running on its own hard drive. I have eliminated MS W2K completely from this machine except for a few data files that I need to access from time to time.
I have an entirely separate computer for MS since I still need to use Quickbooks.

The swap file is running in a partition Linspire created during installation. Size: 1 Gig.

I take it from your reply that I could just erase the swap file and have a new one built. Attempted to do something similar by renaming the swap file. That did not work.

I am also concluding from your reply that I could pass on the worm to MS Windows machine that interact with my Linux system via e-mail. Correct?

If yes, I will just nuke the swap file.
  • 0

#4
PJJ

PJJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Sorry, did not answer all of your questions. Swap file is on the 'exclusively' Linux partition.
Data files are on a separate hard drive in Fat32 format. Linux is ReiserFs, I believe.
  • 0

#5
Kemasa

Kemasa

    Nobody

  • Technician
  • 1,645 posts
In most cases, it is not possible to accidentally pass on the virus from Linux to Windoze. The executables will not run and so you pass it on you would have to forward the affected file.

Personally, it does not seem like sometime to worry about. I am not sure of why it would think that your swap file had a virus, but perhaps there is some data left in there what was not over-written.
  • 0

#6
PJJ

PJJ

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Thanks again for the information and advice.
I will do as you suggested - and slepp better.

Happy New Year!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP