Dominoes in my text files - Page 2

***Dan*** · #16 13th October 2012, 08:59 PM

Glenn is absolutely correct.

However, that being said, I really kinda doubt you've been rootkited. What I think you have going on here is a combination of good old healthy paranoia, (always a good thing whence dealing with Windows) some functional misunderstandings about how Linux works, and a problem jumping between two operating systems (with WINE in the middle) and the relative incompatibility of skills required to deal with each and both.

And that being said, I don't have a helluva lot of evidence to back that up ... yet. It's just a bit of a hunch.

So ... don't delete anything until you get more of this sorted out! If I'm right, there's not a durn thing wrong with your data. If I'm wrong, as Glenn has already well indicated, it's all pretty much toasted, and you'll have to scrap it all to remain safe.

***Dan*** · #17 13th October 2012, 11:35 PM

Threads merged.

figleaf · #18 14th October 2012, 12:52 AM

Dan, please separate my two threads. By merging them, you deleted replies. For example, Dan you replied to what Glenn said. What did Glenn say? Its no longer in the thread.

My two theads are separate problems and should be treated as separate threads. Also, I don't see my threads in the Security forum any longer. What happened to them?

I listed two problems in my Domino thread: dominos inside my plain text files and my plain text files becoming encoded executable files.

In my Enormous Rootkit thread, I discussed very unusual large items inside five of my medical folders. They are inside my folders, not inside my text files. My five folders have archive folders, executable files and files titled with dominoes, numbers, letters and strange characters.

Just now, I booted to a live CD of Parted Magic to examine them. There are visible and hidden items inside the folders. For example, my 2012 medical folder has 112 items. One of these items is a blue folder. The blue folder has 3,501 visible items and 318 hidden items. The properties of the blue folder is over 465 TB, over 230,247 items and 1021 folders. Very bizarre.

Dan, I would appreciate if you would restore my two threads so others can help me. Thank you.

***Dan*** · #19 14th October 2012, 01:32 AM

Figleaf, I joined them because I suspect we are looking at two different aspects or symptoms of the same root problem, and all responses that were present in the individual threads have been merged here faithfully (and chronologically). Nothing was lost in the process. I also do not think you have a security problem here. If anything, I suspect you may have a disk/file corruption issue which your continued poking at can only further complicate.

That being said, I begin to suspect that the issues you are having are also significant enough to warrant professional attention, and may well be beyond the scope of a venue such as this forum. Your data is at significant risk. At this point, I highly recommend that you stop attempting to change/work on things until a professional technician, fully qualified and experienced in Linux, can physically look the situation over in a controlled shop/laboratory environment.

You are still, of course, free to pursue this here in this thread, but without the benefit of attached files and clear screenshots to work from, those attempting to assist you are at an extreme disadvantage.

hmmsjan · #20 14th October 2012, 09:19 AM

Dominoes in text file:

Interesting to know what the character codes of the dominoes are. If you dump the file with
"od -c nameofyourfile.txt" or some other hex editor you can find the offending characters and look to which character set they belong.

About the rootkitted memory card: just a dumb question: did you properly unmount the SD-Card before removing it from the card reader?

Good luck.

Skull One · #21 14th October 2012, 09:28 AM

Oh my!
From the OP, you told about using text editors instead of office suite, and the problem being dominoes instead of dashes.
So, I thought the problem was just some utf8 dash symbol being opened as an ascii character (I provided an example in that way), and ask you to check the encoding of the file.

But now it looks like a completely different problem, more like a filesystem error (and a windows filesystem, outch!).
If you value your data (from their name, I guess you are), do not do anything funny!
I agree with Dan, maybe it is time to call a professional.

figleaf · #22 14th October 2012, 08:01 PM

Below are links to three screenshots of the "Enormous Rootkit" on my 8 GB micro SD card. I looked into Google Docs, dropbox and Amazon cloud. They are require software to be downloaded. I didn't realize until today that my email client now offers uploading files. The rootkit is inside five folders. It takes three screenshots per folder to capture the items in each folder. I uploaded a tiny fragment of the "rootkit." One photo depicts four archive folders. A photo of a blue folder depicts three blue folders and files within it.

To clarify, the "Enormous rootkit" files on my SDcard are not my personal files. I never zip up files into archives. PartedMagic detected alot of hidden files in those folders. I do not hide files.

I have been rootkited. I will post DMESG logs of this in my next reply.

Another problem I have been having is disappearing text files on my HP 32 GB flashdrive. Yesterday, when I used a live CD of Parted Magic, Parted Magic detected hidden files but could not unhide them. Neither could Fedora. This morning, I inserted
my flashdrive into my Lemote Yeeloong MIPS netbook that has Redflag KDE Linux preinstalled. Redflag detected the hidden files as .goutputstream files. Mime type: auto (application/octet-stream) They are executable. Leafpad opened them. They were my missing text files. How to prevent this from happening? Why didn't Fedora and Parted Magic show these hidden files?

I think the cracker grew wary of my identifying the text files he made executable and my copying and pasting the contents of the executable files back into plain text files. So, he changed my text files into goutputstream and hid them.

#23 14th October 2012, 08:09 PM

Quote:

Originally Posted by figleaf

Below are links to three screenshots of the "Enormous Rootkit" on my 8 GB micro SD card. I looked into Google Docs, dropbox and Amazon cloud. They are require software to be downloaded. I didn't realize until today that my email client now offers uploading files. The rootkit is inside five folders. It takes three screenshots per folder to capture the items in each folder. I uploaded a tiny fragment of the "rootkit." One photo depicts four archive folders. A photo of a blue folder depicts three blue folders and files within it.

To clarify, the "Enormous rootkit" files on my SDcard are not my personal files. I never zip up files into archives. PartedMagic detected alot of hidden files in those folders. I do not hide files.

I have been rootkited. I will post DMESG logs of this in my next reply.

Another problem I have been having is disappearing text files on my HP 32 GB flashdrive. Yesterday, when I used a live CD of Parted Magic, Parted Magic detected hidden files but could not unhide them. Neither could Fedora. This morning, I inserted
my flashdrive into my Lemote Yeeloong MIPS netbook that has Redflag KDE Linux preinstalled. Redflag detected the hidden files as .goutputstream files. Mime type: auto (application/octet-stream) They are executable. Leafpad opened them. They were my missing text files. How to prevent this from happening? Why didn't Fedora and Parted Magic show these hidden files?

I think the cracker grew wary of my identifying the text files he made executable and my copying and pasting the contents of the executable files back into plain text files. So, he changed my text files into goutputstream and hid them.

The .goutputstream file you posted is plain text

Code:

]$ file goutputstream-YE9LZQ 
goutputstream-YE9LZQ: UTF-8 Unicode text

***Dan*** · #24 14th October 2012, 08:15 PM

Your image links were broken, so I removed them. (With the single exception of the last one, which attempted to open an executable file. If you attempt to post that one again, this whole adventure is over right then and there.)

Please use the built in forum albums/photos function to post your screenshots.

***Dan*** · #25 14th October 2012, 08:53 PM

Just looked at the screenshots (in your forum albums) ... yikes! That's a mess!

figleaf · #26 14th October 2012, 08:53 PM

Yellowman, the .goutputstream files are not merely plain text files. Though Properties identifies them as such, properties also identifies them as executable. They are also hidden files. Hidden from Fedora and Parted Magic. Dan posted that it was executable.

How to prevent my text files from being changed into goutputstream files and executable temp backup files? I wanted to upload one of the executable back up text files but didn't because Dan posted he didn't want me to upload more executable files.

Below is a DMESG log that may provide more information. I do not know how to interpret DMESG logs. My DMESG logs on my Fedora netbook do not start from the beginning such as the Fedora OS, boot information, memory information, etc.

[ 4.092568] dracut: Scanning devices sda2 for LVM logical volumes vg_pc/lv_root vg_pc/lv_swap

[ 4.211209] dracut: inactive '/dev/vg_pc/lv_swap' [1.97 GiB] inherit

[ 4.211770] dracut: inactive '/dev/vg_pc/lv_home' [245.62 GiB] inherit

[ 4.212229] dracut: inactive '/dev/vg_pc/lv_root' [50.00 GiB] inherit

[ 4.373343] input: ETPS/2 Elantech Touchpad as /devices/platform/i8042/serio1/input/input6

[ 4.644736] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null)

[ 4.850873] dracut: Checking ext4: /dev/mapper/vg_pc-lv_root

[ 4.851878] dracut: issuing e2fsck -a /dev/mapper/vg_pc-lv_root

[ 4.951313] dracut: _Kororaa: clean, 179254/3225600 files, 1368631/13107200 blocks

[ 4.953514] dracut: Remounting /dev/mapper/vg_pc-lv_root with -o ro

[ 5.045736] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null)

[ 5.138747] dracut: Mounted root filesystem /dev/mapper/vg_pc-lv_root

[ 5.489725] dracut: Switching root

[ 6.268375] type=1404 audit(1010829667.470:2): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295

[ 6.975079] SELinux: 2048 avtab hash slots, 101528 rules.

[ 7.018064] SELinux: 2048 avtab hash slots, 101528 rules.

[ 7.470723] SELinux: 9 users, 15 roles, 4169 types, 223 bools, 1 sens, 1024 cats

[ 7.470734] SELinux: 83 classes, 101528 rules

[ 7.483810] SELinux: Permission ptrace_child in class process not defined in policy.

[ 7.484209] SELinux: the above unknown classes and permissions will be allowed

[ 7.484227] SELinux: Completing initialization.

[ 7.484230] SELinux: Setting up existing superblocks.

[ 7.484278] SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts

[ 7.484292] SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts

[ 7.484320] SELinux: initialized (dev bdev, type bdev), uses genfs_contexts

[ 7.484333] SELinux: initialized (dev proc, type proc), uses genfs_contexts

[ 7.484359] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.484406] SELinux: initialized (dev devtmpfs, type devtmpfs), uses transition SIDs

[ 7.485478] SELinux: initialized (dev sockfs, type sockfs), uses task SIDs

[ 7.485491] SELinux: initialized (dev debugfs, type debugfs), uses genfs_contexts

[ 7.486717] SELinux: initialized (dev pipefs, type pipefs), uses task SIDs

[ 7.486737] SELinux: initialized (dev anon_inodefs, type anon_inodefs), uses genfs_contexts

[ 7.486747] SELinux: initialized (dev devpts, type devpts), uses transition SIDs

[ 7.486781] SELinux: initialized (dev hugetlbfs, type hugetlbfs), uses transition SIDs

[ 7.486796] SELinux: initialized (dev mqueue, type mqueue), uses transition SIDs

[ 7.486815] SELinux: initialized (dev selinuxfs, type selinuxfs), uses genfs_contexts

[ 7.486839] SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts

[ 7.487492] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.487521] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.487593] SELinux: initialized (dev dm-1, type ext4), uses xattr

[ 7.488144] SELinux: initialized (dev securityfs, type securityfs), uses genfs_contexts

[ 7.522773] type=1403 audit(1010829668.724:3): policy loaded auid=4294967295 ses=4294967295

[ 7.534754] systemd[1]: Successfully loaded SELinux policy in 1s 292ms 828us.

[ 7.661998] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.674153] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.887561] systemd[1]: Relabelled /dev and /run in 213ms 54us.

[ 7.953140] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.961227] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.969263] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.977132] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.985170] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.993210] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 8.001198] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 8.009123] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 8.009520] systemd[1]: systemd 44 running in system mode. (+PAM +LIBWRAP +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP; fedora)

[ 8.082420] systemd[1]: Set hostname to <pc>.

[ 10.144001] SELinux: initialized (dev autofs, type autofs), uses genfs_contexts

[ 10.722345] systemd-journald[365]: Fixed max_use=49.7M max_size=6.2M min_size=64.0K keep_free=24.8M

[ 10.811726] systemd-journald[365]: Vacuuming...

[ 11.424872] udevd[370]: starting version 182

[ 11.753273] SELinux: initialized (dev hugetlbfs, type hugetlbfs), uses transition SIDs

[ 11.753284] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 11.753318] SELinux: initialized (dev configfs, type configfs), uses genfs_contexts

[ 12.270067] EXT4-fs (dm-1): re-mounted. Opts: (null)

[ 18.365281] Adding 2064380k swap on /dev/mapper/vg_pc-lv_swap. Priority:0 extents:1 across:2064380k

[ 21.655582] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)

#27 14th October 2012, 09:14 PM

Quote:

Originally Posted by Dan

Your image links were broken, so I removed them. (With the single exception of the last one, which attempted to open an executable file. If you attempt to post that one again, this whole adventure is over right then and there.)

Please use the built in forum albums/photos function to post your screenshots.

LOL (I nearly pissed myself laughing)

The last file was totally harmless, just plain text.

---------- Post added at 09:14 PM ---------- Previous post was at 09:05 PM ----------

Quote:

Originally Posted by figleaf

Yellowman, the .goutputstream files are not merely plain text files. Though Properties identifies them as such, properties also identifies them as executable. They are also hidden files. Hidden from Fedora and Parted Magic. Dan posted that it was executable.

How to prevent my text files from being changed into goutputstream files and executable temp backup files? I wanted to upload one of the executable back up text files but didn't because Dan posted he didn't want me to upload more executable files.

Below is a DMESG log that may provide more information. I do not know how to interpret DMESG logs. My DMESG logs on my Fedora netbook do not start from the beginning such as the Fedora OS, boot information, memory information, etc.

[ 4.092568] dracut: Scanning devices sda2 for LVM logical volumes vg_pc/lv_root vg_pc/lv_swap

[ 4.211209] dracut: inactive '/dev/vg_pc/lv_swap' [1.97 GiB] inherit

[ 4.211770] dracut: inactive '/dev/vg_pc/lv_home' [245.62 GiB] inherit

[ 4.212229] dracut: inactive '/dev/vg_pc/lv_root' [50.00 GiB] inherit

[ 4.373343] input: ETPS/2 Elantech Touchpad as /devices/platform/i8042/serio1/input/input6

[ 4.644736] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null)

[ 4.850873] dracut: Checking ext4: /dev/mapper/vg_pc-lv_root

[ 4.851878] dracut: issuing e2fsck -a /dev/mapper/vg_pc-lv_root

[ 4.951313] dracut: _Kororaa: clean, 179254/3225600 files, 1368631/13107200 blocks

[ 4.953514] dracut: Remounting /dev/mapper/vg_pc-lv_root with -o ro

[ 5.045736] EXT4-fs (dm-1): mounted filesystem with ordered data mode. Opts: (null)

[ 5.138747] dracut: Mounted root filesystem /dev/mapper/vg_pc-lv_root

[ 5.489725] dracut: Switching root

[ 6.268375] type=1404 audit(1010829667.470:2): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295

[ 6.975079] SELinux: 2048 avtab hash slots, 101528 rules.

[ 7.018064] SELinux: 2048 avtab hash slots, 101528 rules.

[ 7.470723] SELinux: 9 users, 15 roles, 4169 types, 223 bools, 1 sens, 1024 cats

[ 7.470734] SELinux: 83 classes, 101528 rules

[ 7.483810] SELinux: Permission ptrace_child in class process not defined in policy.

[ 7.484209] SELinux: the above unknown classes and permissions will be allowed

[ 7.484227] SELinux: Completing initialization.

[ 7.484230] SELinux: Setting up existing superblocks.

[ 7.484278] SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts

[ 7.484292] SELinux: initialized (dev rootfs, type rootfs), uses genfs_contexts

[ 7.484320] SELinux: initialized (dev bdev, type bdev), uses genfs_contexts

[ 7.484333] SELinux: initialized (dev proc, type proc), uses genfs_contexts

[ 7.484359] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.484406] SELinux: initialized (dev devtmpfs, type devtmpfs), uses transition SIDs

[ 7.485478] SELinux: initialized (dev sockfs, type sockfs), uses task SIDs

[ 7.485491] SELinux: initialized (dev debugfs, type debugfs), uses genfs_contexts

[ 7.486717] SELinux: initialized (dev pipefs, type pipefs), uses task SIDs

[ 7.486737] SELinux: initialized (dev anon_inodefs, type anon_inodefs), uses genfs_contexts

[ 7.486747] SELinux: initialized (dev devpts, type devpts), uses transition SIDs

[ 7.486781] SELinux: initialized (dev hugetlbfs, type hugetlbfs), uses transition SIDs

[ 7.486796] SELinux: initialized (dev mqueue, type mqueue), uses transition SIDs

[ 7.486815] SELinux: initialized (dev selinuxfs, type selinuxfs), uses genfs_contexts

[ 7.486839] SELinux: initialized (dev sysfs, type sysfs), uses genfs_contexts

[ 7.487492] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.487521] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.487593] SELinux: initialized (dev dm-1, type ext4), uses xattr

[ 7.488144] SELinux: initialized (dev securityfs, type securityfs), uses genfs_contexts

[ 7.522773] type=1403 audit(1010829668.724:3): policy loaded auid=4294967295 ses=4294967295

[ 7.534754] systemd[1]: Successfully loaded SELinux policy in 1s 292ms 828us.

[ 7.661998] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 7.674153] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.887561] systemd[1]: Relabelled /dev and /run in 213ms 54us.

[ 7.953140] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.961227] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.969263] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.977132] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.985170] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 7.993210] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 8.001198] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 8.009123] SELinux: initialized (dev cgroup, type cgroup), uses genfs_contexts

[ 8.009520] systemd[1]: systemd 44 running in system mode. (+PAM +LIBWRAP +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP; fedora)

[ 8.082420] systemd[1]: Set hostname to <pc>.

[ 10.144001] SELinux: initialized (dev autofs, type autofs), uses genfs_contexts

[ 10.722345] systemd-journald[365]: Fixed max_use=49.7M max_size=6.2M min_size=64.0K keep_free=24.8M

[ 10.811726] systemd-journald[365]: Vacuuming...

[ 11.424872] udevd[370]: starting version 182

[ 11.753273] SELinux: initialized (dev hugetlbfs, type hugetlbfs), uses transition SIDs

[ 11.753284] SELinux: initialized (dev tmpfs, type tmpfs), uses transition SIDs

[ 11.753318] SELinux: initialized (dev configfs, type configfs), uses genfs_contexts

[ 12.270067] EXT4-fs (dm-1): re-mounted. Opts: (null)

[ 18.365281] Adding 2064380k swap on /dev/mapper/vg_pc-lv_swap. Priority:0 extents:1 across:2064380k

[ 21.655582] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)

Quote:

Yellowman, the .goutputstream files are not merely plain text files. Though Properties identifies them as such, properties also identifies them as executable. They are also hidden files. Hidden from Fedora and Parted Magic. Dan posted that it was executable.

Does it matter that they are executable as they contain no runnable code.
If it bothers you that much change it

Code:

chmod -x whatever_file

Dan is a trigger happy Texan

Could you also post the output for this command

Code:

locale

***Dan*** · #28 14th October 2012, 09:15 PM

Okey dokey. Good to know. <..

..> I'd rather be safe than sorry, and in the unlikely event that figleaf was actually rootkitted/infected, the risk wasn't appropriate.

That being said, I have also removed the contents of the file as you posted them as it obviously involves private medical records that don't need to be publicly exposed. Here in the US, we have to be concerned about liability involved in such things.

figleaf · #29 16th October 2012, 12:52 AM

Yellowman, are you saying that all UTF-8 files are just plain text files?" Does using the command line give more information than simply right clicking on the file and selecting properties? Properties identifies the file as UTF-8.

Yellowman wrote: ""The last file was totally harmless, just plain text.
]$ file goutputstream-YE9LZQ
goutputstream-YE9LZQ: UTF-8 Unicode text

Yes, Yellowman it bothers me tremendously that my text files are executable and turning into hidden goutputstream files. It also bothers me to have executable backup files. You examined one text file and assumed the others don't have running code. I would not make that assumption. Your instructions on how to make text files unexecutable is confusing: Code:"chmod -x whatever_file"

Manually hunting for hidden goutputstream files, backup files and text files that appear like plain text but are not, and changing every text file each time I create a file and each time I edit a file is not solving the problem.

I am having a problem on my Yeeloong similar to my Asus netbook with fedora installed. Every single text file that leafpad creates or edits on my flashdrive is executable regardless whether I save the text file as a LF, CR + LF or CR. When I save text files to my desktop, they are not executable.

I do not understand the instructions: If you dump the file with""od -c nameofyourfile.txt"

I am frustrated with the lack of complete understandable instructions and solutions.

Yellowman, you requested the outcome of locale. This weekend, I shipped my Asus netbook back to Asus to hopefully replace the processor and memory under the warranty. I performed locale on my Lemote Yeeloong MIPS netbook. The outcome is below.

yee@Loong:/media/disk-4$ locale
LANG=en_US.UTF-8
LANGUAGE=en_US:en
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

***Dan*** · #30 16th October 2012, 02:58 AM

Quote:

I am frustrated with the lack of complete understandable instructions and solutions.

In a terminal, type the following:

Code:

man chmod

Press [ENTER] Then read the contents of the display. Instructions to operate that program are embedded in it.

After you have read the contents of that man(ual) file, re-examine the command yellowman gave you to run, and adapt it accordingly.

Code:

chmod -x whatever_file

you will then see the need to replace, "whatever_file" with the name for the file you wish to adapt, gleaned locally.

If the directory you are working with contains only text files, and you do not wish any of them to have the executable property, use the following in a terminal:

Code:

chmod -x *

That should adjust everything in the working directory, but not recursively.