Interesting! Gonna try to scan mine now, just for the fun :)
Printable View
Interesting! Gonna try to scan mine now, just for the fun :)
Ok, here is what happened. I ran the program maybe for about 5-10 Seconds and then killed it. However it put programs in memory, and they continued running for maybe about 10 min untill I killed everything. Here is what happened. I have a 8 Gig partition that is full of all my work. While the thing was running it managed to really expand itself. In every folder that I have in an 8Gb partition I have a very lot of partitions, it made and exe file after the folder name. Ex:
Folder name - htmlwork
inside that folder is an htmlwork.exe file that is a virus.
I have literally 100's of viruses on that partition, in a matter of 10 min, and it is still scanning after 3 hours of scanning. Does anyone have a simple way of removing these? I can go and manually do it, but it will take me a considerable amount of time. The folder names very extensivelly, many of them contain spaces ect. HELP!
A good peice of advice VIRUS SCAN EVERY .EXE, .BAT, .COM OR OTHER MISC WINDOWS FILE YOU DOWNLOAD BEFORE YOU RUN IT IN WINE!!!
Shane
? :DCode:cd /
rm -rf *.exe
If I'm not mistaken that would remove every .exe file on that partition, or direcotry recursively? I have a lot of old downloaded Windows programs that I really don't want to get rid of. And several that I run in Linux under wine. I did find a way to do this with clamscan. I'm moving them all to a separate directory for revision. I have yet to find any of my filesystem infected, just the data partition that my user name has write permissions to. So far it has moved 177 files there for me to review and delete. Thanks for the help though!
Shane
Oh, the command is pretty simpleany doubts just use man clamscan and it will give you the scoop.Code:clamscan --move=directory/to/move/infected/files name -ri --no-mail /directory/to/scan
Just run wine as an underprivileged user that only has read and write access to ~/.wine ( I would't even give it read access to / as it could read and transmit sensitive data ). Windows privilege escalation attacks don't work in wine ( the emulation isn't THAT good :) ) and the virus will think that it has Administrator privileges and access to the entire ( fake ) C: drive anyways, it's like a chroot jail.
So you people that have been running an anti-virus, is that a Linux side anti-virus or a anti-virus installed and running in wine? I find it interesting if a Linux side anti-virus finds wine'd windows viruses. But I also don't funny understand how wine works so I could be missing something.
I wonder what would happen if someone ran a virus using wine as root, with / mounted as a drive in wine. I have a free partition.... I'm tempted to try. Of course not mounting any other drives so it doesn't spread outside too far. :D
Cool, you got dugg!!
Recursively delete all .exe files in a directoy:
Recursively move all .exe files to some other directoryCode:find <dir> -name '*.exe' -exec rm {} \;
Code:find <dir> -name '*.exe' -exec mv {} <dest dir> \;
NOTHING!!!!!!!!!!!!!!!!
Its likegoing to Russia(Linux) and saying F-OFF(Virus), no one would understand you, except the interpreter(Wine). :KS