How remove this zombie


#1

Hi,
how I remove this zombie, from the last installation of archlabs.
I check if there is even in previous installations.
Regards

'/run/media/provakaos/Windows 8.1/cloni del disco nuovo w.d mate-xfce4/zombies.sh' --admin
zombie processes found:
.
pid: 8823 *** parent_pid: 8820 *** status: Z *** process: [jgmenu-lx]
Kill zombies? [y/n]: 

#2

What the hell!? What is that? I run Windows 10 and I have never seen that. Have you tried searching to see what it is? Also, do you have a virus/malware software on board?


#3

I’ve heard you kill a zombie by destroying the brain…

…oh sorry wrong zombie…

Do you run Windows as a dual boot?


#4

Does a zombie actually have a brain? Sorry I only have two brain cells. Lol I am still waiting on @ector reply as well, this sounds ominous.


#5

Just checked out what a zombie is. His computer may be hacked and made into a bot. Question is, by what method.


#6

It’s got to be Windows related?!?


#7

I started the script from a windows folder.
I solved, I commented on the following line in jmenu:
#csv_cmd = lx

provakaos@ultimoarchlabs ~ % '/run/media/provakaos/Windows 8.1/cloni del disco nuovo w.d mate-xfce4/zombies.sh' --admin
no zombies found!
provakaos@ultimoarchlabs ~ % 

riedit
the zombie I saw it giving top, so I tried with the script, to see if it fixed, killing it, but it did not happen, so I asked here


#8

off topic
here the script to search for zombies and kill

 #!/bin/bash
    # Zombie processes killing script.
    # Must be run under root.
    case "$1" in
    --admin)
            stat=`ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print"pid: "$3" *** parent_pid: "$4" *** status: "$10" *** process: "$13}' | grep ": Z"`
    
            if ((${#stat} > 0));then
                echo zombie processes found:
            echo .
            ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print"pid: "$3" *** parent_pid: "$4" *** status: "$10" *** process: "$13}' | grep ": Z"
            echo -n "Kill zombies? [y/n]: "
            read keyb
            if [ $keyb == 'y' ];then
            echo killing zombies..
            ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print$4" status:"$10}' | grep "status:Z" | awk '{print $1}' | xargs -n 1 kill -9
            fi
        else
            echo no zombies found!
        fi
    ;;
    --cron)
        stat=`ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print"pid: "$3" *** parent_pid: "$4" *** status: "$10" *** process: "$13}' | grep ": Z"`
            if ((${#stat} > 0));then
            ps ax | awk '{print $1}' | grep -v "PID" | xargs -n 1 ps lOp | grep -v "UID" | awk '{print$4" status:"$10}' | grep "status:Z" | awk '{print $1}' | xargs -n 1 kill -9
        echo `date`": killed some zombie proceses!" >> /var/log/zombies.log
        fi
    ;;
    *)   echo 'usage: zombies {--cron|--admin}'
    ;;
    esac
    exit 0

#9

Dude, since this script worked, that means your computer is being hacked through your Windows OS. Do you have a antivirus software with antibot protection installed?


#10

What are you talking about??
violated what?
I put the script, I in that folder!


#11

You made that zombie virus?


#12

I’ve got it from a forum years ago, I think the ubuntu forum, if I remember correctly, or from a lunux blog, it’s been a long time since I’ve had it.
I gave him the zombie name


#13

Oh! Now I see! Lol I asked earlier what was this ‘zombie’ but I didn’t get a reply. So, I went and researched and found that there is a virus called ‘zombie’ in which hackers would infect computers and make a network of bots to do whatever they want them to do without the knowledge of the owners.


#14

I believe you have not read all my posts, this morning.


#15

Misunderstanding. We both didn’t communicate well. Last night I asked, got no response. So I presumed on a hunch and researched. This is what I am trying to tell you. I understand now that you have a script that you put in yourself that you called zombie but couldn’t shut it off.


#16

I solved.
the zombie in htop, it’s gone.
I commented on the following line in jmenu:
#csv_cmd = lx

I hope I explained myself, I use a translator, English is not my language.
Thank


#17

Okay, I got it. Probably your translator may be mistranslating my responses. I had a suspicion that you were either of Spanish or Portuguese origin by your pseudonym. Actually, if you think about it, this is kind of comical. Almost like keystone cops in the very old movies with Charlie Chaplin.


#18

And, yes, I know that you have solved your issue. Congratulations!


#19

I’m Italian, but I’m not as good as totò.
If you want to laugh look at the malafemmina or the band of the honest, there are also in your language.
:smile::smile:


#20

See, I can’t even get your nationality correct. I have forgotten Italians have some similarities with Spanish, just as English has some similarities as well. I have to take a look at those two some day. So busy that I can’t even keep up with myself. :joy: