Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Antivirus question xi.exe?

Featured Replies

So randomly while looking with mc one under mnt/user a file xi.exe shows up...which brings the question..is there antivirus for unraid? do we need it...and is the xi.exe a virus? is my unraid build have virus now or can i delete it?

Linux has very few viruses and it is dificult to infect.... if you copy a file that has a windows virus it wont infect the server but it will infect the windows computers you copy the file to... i would worry about the windows for any virus.

you could run a scan from your windows machine on the networked share ....

if it says this file is a virus ... then eliminate it from within MC

but like the user above said ... it will have been probably the windows machine who will have been infected and who wrote the file on the share

 

i would start checking all your windows machines to see if they are not infected

also NEVER use a thumbdrive from somebody else without checking it first ...

seen this happen already a few times with colleagues that just pass on thumbdrives and then got infected...

kaspersky and a few others have a nice app for that that checks every thumb upon insertion

 

 

  • Author

Thanks guys!

it is definately a windows worm :P

 

http://about-threats.trendmicro.com/ArchiveMalware.aspx?language=us&name=WORM_YDORB.FF

 

Malware type: Worm

 

Aliases: Backdoor.Win32.Rirc.b (Kaspersky), W32/Rirc.worm.gen (McAfee), W32.IRCBot (Symantec), BDS/Rirc.B (Avira), W32/Rirc-C (Sophos),

 

In the wild: Yes

 

Destructive: No

 

Language: English

 

Platform: Windows 95, 98, ME, NT, 2000, XP

 

Encrypted: No

 

 

Overall risk rating:

 

 

Low

 

Reported infections:

 

 

Low

 

Damage potential:

High

 

Distribution potential:

High

 

Description:

 

This malware has both worm and backdoor functionalities.

 

It tries to propagate across the network by accessing shares using a list of user names and passwords. It drops a copy of itself as XI.EXE on accessed shares.

 

It utilizes Internet Relay Chat (IRC) for its backdoor routines. It attempts to connect to an IRC server with IP address, 213.221.189.3. Through this connection, a remote user can gain access to the system, leaving it compromised.

 

It allows the remote user to do any or all of the following:

 

    * Create an IRC user account and join a channel

    * Download WINLIB.EXE from a remote Web site and execute it

    * Send a message

    * Get status report from the compromised machine

    * Ping a particular URL

    * Disconnect the backdoor connection

 

For additional information about this threat, see:

 

Description created: Apr. 2, 2004 12:05:19 PM GMT -0800 Description updated: Apr. 2, 2004 12:46:54 PM GMT -0800

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.