Conditional to delete virus with rm -rf

Latest response

Can I use a conditional to delete all the .exe that I have inside a folder and subfolders?

I have a USB drive with 150 GB of infected information.
What I need is a command to delete .exe viruses and not enter each folder to delete them.

Responses

Hi Carlos,

Not sure what exactly you mean, but to remove everything that resides in a folder execute rm -r /path-to-folder/folder/*.
This command will delete all files, all sub-folders and all files in the sub-folders - the (empty) folder itself will not get removed ... :)

Regards,
Christian

I have a USB drive with 150 GB of infected information. What I need is a command to delete .exe viruses and not enter each folder to delete them.

I am also not sure what you are talking exactly. If you have infected exe then it won't run in Linux env, you can simple delete that using gui (Shift + Delete) alternatively you can use rm -r (if you give sudo permission then you can delete anything: i mean anything). If you have infected USB just insurt it and delete that infected exe file or you are using dual-boot then you can navigate to windows drive (yes, you can access Windows drive from Linux: if Windows drive is encrypted {bit-locker} the you have to install some addition package [search google for that]) and delete that infected exe. Please let us know if we got your question incorrectly and also let us know it our comment is helpful

Sorry I forgot to tell, if your main system is infected then you can use malware byte (it is pretty good cleaning viruses). OR, if you can't boot into your system then you can use Linux live CD (bootable pendrive) and delete those infected exe (executable). Also move on from windows as i did :)

Hi Sayed,

If I was affected by any kind of malware (which can hit everyone, but fortunately never happened to me, because I care a lot
about privacy and security and act accordingly), I would restore a system backup image ... this is the only way to be sure that
you have a clean system. I don't trust any virus removal software - some of them even make the system more vulnerable ! :)

Regards,
Christian

Thanks for the tips

You're welcome, Carlos ! :)

Carlos, besides what Christian and Sayed cited,

You can also do a find that looks for only files, then only things ending in .exe . Doing a flat rm -rf against a directory, might have "unexpected consequences" and might delete an important directory tree. You can do a find that only looks for files and then removes only files with an 'exec" feature. If you happen to know the precise file name, then I highly recommend using the precise file name instead.

Now a note of caution here. I'd recommend (if possible) doing a find command with the intended files before executing a remove.

Make sure to evaluate this for sanity first, do a find, then evaluate if it's what you want to remove first

#find /path/to/the/specific/directory -type f -iname "*exe" >> /tmp/findcommandoutput.txt
# echo examine the man page for the command find and examine the use of -iname

Important, validate your remove prior to executing it with the output you made in the step prior. This is a community help forum, you inherit all risk.

# echo only execute after you are confident you will only remove what is correct to move
# echo "note, this command above is dangerous if you have not verified in advance it is proper to execute.  Be cautious, if you are unsure, ask and investigate prior #resumeflag"
# find /path/to/the/location -type f -iname "*.exe" -exec /bin/rm -f {} \;

I can't stress the importance of verifying first before heavy-handedly running the rm of files such as cited above. This is an example, and I and others would highly stress to validate the removal of files prior to actually doing it. If you are not sure, please coordinate with others where you work prior. Have solid data prior to proceeding.

Do you have a backup? Also do you have a restore plan that works?

Regards

RJ

Thank you very much for your solution, it helped me a lot.

I will be very careful whenever I use it

Correct and good advice, RJ ! I agree with you and recommend against bulk deletion. I've never done that ... :)

Regards,
Christian