Wandering around my Linux filesystem I found a weird directory in /home …
drwxr-xr-x 2 root root 4096 2007-08-19 12:03 eb588afc0325b12eeb074fd6
Ok, I thought, I didn’t create that. If it’s a virus, it’s the most stupid virus in existence, but, we never know… Then I got inside and see what files it had, and found this:
$ l eb588afc0325b12eeb074fd6/
-rw-r--r-- 1 root root 865822 2007-08-02 21:41 mrt.exe._p
-rw-r--r-- 1 root root 96216 2007-08-02 21:34 mrtstub.exe
-rw-r--r-- 1 root root 45057 2007-08-19 12:03 $shtdwn$.req
Mamma mia, if it really is a virus, it’s even more stupid trying to put
.exe files in my Linux box! Anyway, The Oracle would know the answer… Searching for mrtstub, the first hit is this page, directly from the enemy’s site. Not too far I found the origin:
mrtstub is part of the Malicious Software Removal Tool. It is responsible
for copying mrt.exe to the correct location and launching it.
Long story short: I have dual boot (which I never use but my son plays sometimes) and my Linux home directory is mounted using an ext3 driver for Windows. Microsoft asked me to install this Malicious Software Removal Tool which I denied 10 times asking every bloody time NEVER TO INSTALL IT IN THE FUTURE until the 11th was my son that wasn’t even asked but turned it off as he always do and Microsoft stealthily installed this piece of crap in my computer.
That’s enough, I’ll spend a fiver and buy a cross-over software to run my son’s games on Linux and remove this crap out of my computer once and for all.