Backing up files on a badly malware infested computer.

doug dmcgarrett at
Thu Jan 26 17:30:22 UTC 2012

On 01/26/2012 12:07 AM, Bill Stanley wrote:
> >> That's a bad thing. The BIOS may have been infected. Did you check the
>>> boot order (CD player, HDD, USB, etc)?
> An expert of removing viruses said that BIOS viruses are rare.  As 
> such, I am assuming that there isn't one.  I did succeed in putting a 
> new operating system in.  While I was at it, I put in an unused HD 
> that I had and that HD became the master drive (C:) with her old drive 
> becoming F:.  When I tried deleting the old installation except for 
> the data directories I was not able to delete those two files for 
> Adobe Reader. No matter how hard I try, they are still there.  Read 
> about the details in a previous posting.  It would be nice to get rid 
> of these files because they are preventing me from doing an efficient 
> defrag of the disk.  ( CURSE YOU ADOBE! )

I'm not an expert, but I think this will work:  (I'm assuming you don't 
have Linux on your new drive.  If you do, then the first
step is unnecessary.)  I don't remember if Ubuntu has Dolphin file 
manager, but I'm assuming it does.

Boot the system on a Linux Live CD.  (Presumably you have replaced the 
defective drive.)  This Linux CD should have Dolphin on
it.  Using Dolphin, select the drive that has the Adobe files on it.  
Just selecting it will mount it.  Now, depending on what's next, you
can try to delete the Adobe files.  The easiest:  just find the files in 
Dolphin and delete them.  This may not work, since they
may have some permission bit set.  In this case, you will have to use 
the command line.  What you are going to do is to
remove all the permissions that prevent a  user from removing the 
files.  You will already know, from Dolphin, what directory
the files are in, so navigate to that directory.  Do su and put in your 
password, to become superuser.  (In Ubuntu, you may
have to do sudo in front of each command, instead of using su.) Then 
issue the command chmod 4777 filename.  Now issue
rm filename.  (The filename must include the entire entry, with any 
extensions, etc.)  Do ls -la and see if the filename is gone from
the directory.  It should be, unless I missed something. Do this for the 
other Adobe file, and you're done.

If I've missed something, someone smarter than me will chime in and tell 


> Bill Stanley

More information about the ubuntu-users mailing list