How to scan my flash drives for Windows viruses while on Linux? (Not ClamAV) [closed]
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
- I don’t think that using a Windows system to scan them is a good solution, although it might sound to be the easiest and most obvious. My mother’s PC runs Windows XP but is an old PC, tricky and unreliable because it falls all the time.
- ClamAV is not an option for me as I have a very bad experience related to it. I have used it in the spring to scan a Windows partition (on a dual boot PC) and the result was a total mess and I had to reinstall both operational systems again. Since that day, I simply hate ClamAV as I am convinced that it erases even good and clean files and all it does is just a mess.
So, if you have a a solution apart of those two and keeping in mind my lack of CD drive, then your advice would be very much appreciated.
What might I say regarding the same is very easy : @Cristiana. Mount the usb in /media/Your USB and then open it. Keep all the folders and files you recognize, Delete any suspicious file/folder. Specially with Characters in names etc etc. Its more of a self know approach to defend against viruses. Imho, i dont think that will cause any damage to system files in pen drive.
I think you will have a similar experience with all Linux anti-virus programs. AS far as I know, none of the linux anti virus programs «disinfect» files, they only offer to delete infected files. You have to use an antivirus program to identify the problem, then search for a solution. Sometimes you can disinfect, sometimes you have to delete files, and sometimes you have to do a fresh install. The problem is in the nature of viruses, and not anti virus software, and as such, clamav is a good as any other.
@ASCIIbetical Thanks for the advice! As I have told already, I am a newbie. I don’t know, for example, how to mount a flash drive if it doesn’t mount «by itself» automatically. Anyway, till now, I didn’t had to know, because, every time I plug in a flash drive, its icon appears on the desktop. I am not sure that I can recognise any suspicious file because I know what I have put on those drives and I see only what I have put. So, if there is any suspicious file or folder, I suppose, there are many chances to be somehow, invisible, I think. Anyway, I’ll study this aspect more.
4 Answers 4
Thank you K7AAY! After a painfully complicated process, I have managed to install and use Bit Defender on my netbook. I have even managed to add Bitdefender to the right-click menu in order to be able to easily use it. Anyway, the main idea is that I have successfully scanned two of my flash drives with BitDefender and it have found several viruses and trojans where I was expecting the least. Till now, BitDefender is the best and I am pleased with it. But I’ll try other apps too in order to get an objective view.
If it is just the flash drives you want to wipe of the viruses, just copy the files (the ones you know which don’t contain viruses) off them, and use GParted to wipe them.
Making sure that it is the memory stick you are wiping, unmount it, and delete the partitions:
Then go to Device , and Create Partition Table. . Set to make a msdos table, and click Apply .
You can then create a new FAT32 partition, so that it will work with both Windows and Linux.
All this should effectively remove all date from the memory sticks, making sure there are no viruses.
While this was not what I was looking for (because I wont to clean a flash drive without having to erase it) your suggestion, wilf, is good to be known. I am sure that people who wont to extra security will use it. I’ll keep it in mind for the future when I’ll wont to write something on a flash drive from scratch.
You could install an antivirus product on Ubuntu such as Comodo Antivirus For Linux (Free) or the previously mentioned ClamAV (Free), or you could install wine and setup an antivirus product inside of it such as Symantec Endpoint Protection (not free) or Comodo Internet Security (Free), just make sure to disable any kind of auto-scan capability (if possible don’t install it to begin with). You will of course have to enable access from wine to the usb stick via wines virtual letter drives.
How to install Comodo Antivirus For Linux:
Thanks for the suggestion. I have decided to give it a try. Wine si already installed on my system so all I had to install was Comodo. After installation, I have clicked on «Comodo Antivirus» to start the app. But first of all, before it actually started, it popped up a small window telling me that some kind of driver SQUED Driver (or something like that) is not installed. I clicked OK without thinking twice and that was the only time I saw this. I must say, that, for my shame, I have forgotten, after the installation, to type in the terminal: «sudo /opt/COMODO/post_setup.sh».
It also said that «Comodo Application Agent is not running!» and, apparently, because of that I could not update the virus database.
As I wonted to solve the problem of updating the virus signature, I have followed the tutorial from your link and typed in the terminal «sudo /opt/COMODO/post_setup.sh». But it turned out to be not enough, so, Comodo itself suggested, I have also typed this line after the previous: «/etc/init.d/cmdavd restart». The result is that now, the virus signature database is updating as we speak.
I have scanned with Comodo one of my flash drives, a multi-boot drive with no remanence having Knoppix, Kubuntu, Easypeasy and Bodhi on it. All, except the last one, seem to be infected with 3 malwares. Here are the results: Packed.Win32.MUPX.Gen@129019204, Virus.Win32.Sality.Gen@84752119 and Win32.Neshta.A@184948, the last one infecting several files, including. wubi.exe (!). Could that be a false positive? I did not cleaned them because I’m not sure what to do about it. All those Linux distros are genuine, downloaded from their websites.. How is this possible to find malware in them?
Based upon my logical inference, I have reached to a conclusion (I might be wrong) that since (in her own words) she only sees what she put on those drives , IMHO, i don’t think her system/Linux is any how infected. You see, these Trojans, viruses, Malwares etc. programmed for windows environment are generally of .exe format. As soon as you put them inside a foreign environment like Ubuntu , they can’t get executed by themselves and remain in a docile state. There is also very less probability (rather no way if you ask me) that they can remain hidden by default in any Unix based system. (They are programmed/written such way to remain hidden in Windows, so that they can propagate further), but can’t stay same in Unix. So, as she mentions, all of her friends are Windows users I guess as soon as she plugs in the drive in their system, these, Trojans/viruses etc. already present in their systems, infects her pen drive as well. (Its relatively easy to guess as the probability of a Windows system getting infected is much more higher than a Unix System). Also, relatively, the chances of getting a pen drive infected by any *Nix system for Windows Os are pretty low. There is no way a *Nix System can infect a pen drive in such a way that as soon as you plug your drive in Windows Xp and scan it with anti-virus, it recognizes virus or malware. That is not linux behavior. Linux is not designed that way, Security is at its very core. So, what I would rather suggest is that IMHO, your Linux environment is 100 % safe, its when you hop your pen drives from 1 system to other (of your friends) where it gets infected. I wont say don’t do it, but my solution will be to rather going to stupid OS and Stupid anti virus, insert USB in Linux(Ubuntu) environment , Let it auto-mount, delete all those files which you haven’t put or recognize. Lo and behold, I can guarantee you try scanning that pen-drive/media in that Anti Virus of yours. Bingo ! Virus Free. Hope that helps.
Linked
Related
Hot Network Questions
Site design / logo © 2023 Stack Exchange Inc; user contributions licensed under CC BY-SA . rev 2023.7.14.43533
Ubuntu and the circle of friends logo are trade marks of Canonical Limited and are used under licence.
By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy.