LinuxQuestions.org
Old 06-25-2010, 01:28 AM   #1
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Rep: Reputation: 0
removing viruses in windows partition using linux.


I have a dual boot system with Windows XP and Mandriva Linux Free Spring. My Windows partition was badly infected with an unknown virus. I had no antivirus software at the time. I tried to install it later, but it won't allow it, and it hung my system for a long time. It showed the following symptoms:
- Task Manager has been disabled
- drives refuse to format
- the desktop keeps getting stuck
- new folders being created at certain places

However, my Linux partition works absolutely fine, so I downloaded Avast antivirus from here and tried to use it in Windows, but the virus won't open the desktop as it hangs my computer. Is there a way to clean my hard disks of viruses using Linux, or will I have to go with the most extreme option, to format my system again?

ac
 
Old 06-25-2010, 01:51 AM   #2
grail
LQ Guru
 
Registered: Sep 2009
Location: Perth
Distribution: Manjaro
Posts: 9,253

Rep: Reputation: 2686
You should be able to mount the drive under Linux and run the scanner over the drive. I am not 100% sure how well this will get rid of anything, but it is worth a shot.
 
Old 06-25-2010, 02:26 AM   #3
crts
Senior Member
 
Registered: Jan 2010
Posts: 1,606

Rep: Reputation: 448
Hi,

AFAIK, a Linux virus scanner does not recognize any Windows viruses. So just mounting the drive and running the scanner probably is not going to work. At least it did not when I tried it - but that was many years ago. However, you could try to run the Windows virus scanner through Wine and have it scan your Windows partition.
Another possibility would be to install Windows on a virtual machine and install the virus scanner on it. Then mount your real Windows partition on /mnt and make /mnt visible to the virtual machine. Then scan it from the virtual machine. It is just an idea. Haven't tried it myself. If you want to try it, let us know how it worked out.
 
Old 06-25-2010, 01:05 PM   #4
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
I heard about F-PROT from somewhere and downloaded the free version. Its readme file said to run the install-f-prot.pl file. However, when I clicked there, the file that opened was a Perl script in the Ark archiving tool. I got stuck here as I had no idea how to proceed.
 
Old 06-25-2010, 01:43 PM   #5
crts
Senior Member
 
Registered: Jan 2010
Posts: 1,606

Rep: Reputation: 448
Quote:
Originally Posted by chauniyal
I heard about F-PROT from somewhere and downloaded the free version. Its readme file said to run the install-f-prot.pl file. However, when I clicked there, the file that opened was a Perl script in the Ark archiving tool. I got stuck here as I had no idea how to proceed.
Hi,

I was just on the homepage of F-PROT. It seems that it can scan Windows files with the Linux client.

As for the installation problem, it seems that you did not extract the tarball first. You will have to do this via CLI. Run these commands as root:
Code:
cd /usr/local
gunzip -c /path/to/fp-PLATFORM-ms-VERSION.tar.gz | tar -xvf -
cd f-prot/
./install-f-prot.pl
Do not use the GUI to install.
 
Old 06-26-2010, 04:08 AM   #6
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
"As for the installation problem, it seems that you did not extract the tarball first. You will have to do this via CLI. Run these commands as root"

Thanks a lot, but I am still stuck. I presume I am not able to give the right command. I am getting error messages
"No such file or directory
tar: This does not look like a tar archive"
Maybe I am not able to figure out the PLATFORM and VERSION part of the command.
This tar file has the path /home/ashish/fp-Linux-i686-ws.tar.gz

Please tell me how to write this command correctly.

Thanks again
 
Old 06-26-2010, 10:27 AM   #7
crts
Senior Member
 
Registered: Jan 2010
Posts: 1,606

Rep: Reputation: 448
Quote:
Originally Posted by chauniyal
"As for the installation problem, it seems that you did not extract the tarball first. You will have to do this via CLI. Run these commands as root"

Thanks a lot, but I am still stuck. I presume I am not able to give the right command. I am getting error messages
"No such file or directory
tar: This does not look like a tar archive"
Maybe I am not able to figure out the PLATFORM and VERSION part of the command.
This tar file has the path /home/ashish/fp-Linux-i686-ws.tar.gz

Please tell me how to write this command correctly.

Thanks again
Which commands exactly did you execute?
Code:
cd /usr/local
gunzip -c /home/ashish/fp-Linux-i686-ws.tar.gz | tar -xvf -
cd f-prot/
./install-f-prot.pl
should have accomplished the task.
Alternatively, you can try
Code:
cd /usr/local
tar -xvzf /home/ashish/fp-Linux-i686-ws.tar.gz
cd f-prot/
./install-f-prot.pl
Hope this helps.
 
Old 06-26-2010, 01:10 PM   #8
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
[ashish@localhost local]$ cd /usr/local
[ashish@localhost local]$ gunzip -c /home/ashish/fp-Linux-i686-ws.tar.gz | tar -xvf -
./f-prot/
tar: ./f-prot: Cannot mkdir: Permission denied
./f-prot/doc/
tar: ./f-prot/doc: Cannot mkdir: No such file or directory
./f-prot/doc/man/
tar: ./f-prot/doc/man: Cannot mkdir: No such file or directory
./f-prot/doc/man/f-prot.conf.5
tar: ./f-prot/doc/man/f-prot.conf.5: Cannot open: No such file or directory ...

.
.
.
.
..
This is exactly what I did before, and this is what I get. However, it is a long list, which I have not included. Maybe I should fidget around with permissions; what do you suggest?


Thanks a lot again
 
Old 06-26-2010, 01:23 PM   #9
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282
You need root privileges by the looks of it. Either become root or use sudo; not sure what Mandriva uses.
 
Old 06-26-2010, 01:47 PM   #10
crts
Senior Member
 
Registered: Jan 2010
Posts: 1,606

Rep: Reputation: 448
Quote:
Originally Posted by chauniyal
[ashish@localhost local]$ cd /usr/local
[ashish@localhost local]$ gunzip -c /home/ashish/fp-Linux-i686-ws.tar.gz | tar -xvf -
./f-prot/
tar: ./f-prot: Cannot mkdir: Permission denied
./f-prot/doc/
tar: ./f-prot/doc: Cannot mkdir: No such file or directory
./f-prot/doc/man/
tar: ./f-prot/doc/man: Cannot mkdir: No such file or directory
./f-prot/doc/man/f-prot.conf.5
tar: ./f-prot/doc/man/f-prot.conf.5: Cannot open: No such file or directory ...

.
.
.
.
..
This is exactly what I did before, and this is what I get. However, it is a long list, which I have not included. Maybe I should fidget around with permissions; what do you suggest?


Thanks a lot again
As I already said in my first post, you need to be root. So before you execute those commands, first type in:
Code:
su -
Then enter your password.
If this does not work you might have to:
Code:
sudo su -
 
Old 06-26-2010, 01:55 PM   #11
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
Thanks, I got it now. It finally ran. I did it with my sudo password; maybe I should read more on this. Please be there with me till I am through with this.
Thanks again
 
Old 06-26-2010, 03:24 PM   #12
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
I have to do it all using the CLI. This is what I get:


root@localhost f-prot]# fpscan

F-PROT Antivirus version 6.3.3.5015 (built: 2009-12-23T13-43-55)


FRISK Software International (C) Copyright 1989-2009
Engine version: 4.5.1.85
Arguments:
Virus signatures: 201006261241bb61b72d34ee2af516f97e1965da9ae7
(/usr/local/f-prot/antivir.def)

Nothing to scan.

Usage:
fpscan [MEDIA] [OPTIONS] [PATHS]
Options:
--all, -a
--local, -l
--boot, -b
--follow, -f
--mount, -m
--maxdepth=n, -d n (default 30)
--scanlevel=n, -s n (0 <= n <= 4, default 2)
--heurlevel=n, -u n (0 <= n <= 4, default 2)
--archive=n, -z n (0 <= n <= 99, default 5)
--adware
--applications
--verbose=n, -v n (0 <= n <= 3, default 1)
--signatures=<FILE>, -i <FILE>
--output=<FILE>, -o <FILE>
--append, -+
--nospin
--exclude=<LIST>, -e <LIST>
--disinfect, -y (think "yes, always disinfect")
--report, -r
--macros_safe
--macros_new
--virno
--virlist
--version
--help, -h, -? (for more detailed help)




I have tried a lot but am not able to write this command correctly.
My Windows partitions' names are vip, vip1. They are already mounted. Please tell me how to write the command correctly.
 
Old 06-26-2010, 03:30 PM   #13
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
And this is the man page for fpscan:

NAME
fpscan - F-PROT Antivirus for UNIX, Command-Line Scanner

SYNTAX
fpscan [options] [file or directory]

DESCRIPTION
fpscan is a tool for scanning individual files or directory trees for viruses. The
options selected determine which methods are used for scanning. By default fpscan
scans all files, including inside archives, and reports to STDOUT. By default
fpscan prompts for file disinfection when infected files are found.

OPTIONS
-f, --follow
Follow symbolic links. Symlinks, when specified as paths on the command line are
always followed, regardless of this option.

-m, --mount
For each path given, stay on that filesystem.

--maxdepth=n
Descend at most n levels of directories below a given scanpath (default 30 levels).

-s n, --scanlevel=n (0 <= n <= 4)
0 => Disable regular scanning (only heuristics).
1 => Skip suspicious data files. Not recommended if filename is unavailable.
2 => (Default) Unknown and/or wrong extensions will be emulated.
3 => Unknown binaries emulated.
4 => For scanning virus collections, no limits for emulation
 
Old 06-26-2010, 03:37 PM   #14
chauniyal
LQ Newbie
 
Registered: Oct 2009
Distribution: fedora
Posts: 26

Original Poster
Rep: Reputation: 0
-u n, --heurlevel=n (0 <= n <= 4, default 2)
How aggressive heuristic should be used. Higher levels means more heuristic tests
are done which increases both detection rates AND risk of false positives.

-z n, --archive=n (0 <= n <= 99, default 5 levels)
How deep to scan inside nested archives.

--adware
Scan for and report/act on adware in addition to viruses and worms.

--applications
Scan for and report/act on applications that may constitute security risks. This
includes remote access tools which users should regard as malware if installed
without their knowledge or consent. The same program could be a perfectly valid and
useful tools for another person, so the definition of what should be considered
malware in this category must come from the user.

-v n, --verbose=n (0 <= n <= 2)
0 => Report infections only
1 => (Default) Report infections and scan errors
2 => Report all files as they are processed, as well as all warnings and errors.

--signatures=FILE
Use a specific virus signature file (antivir.def). Refer to the file using its
full path name. By default the virus signature file is loaded from the same
directory as the command-line scanner binary.

-o FILE, --output=FILE
Send output to FILE instead of stdout.



THERE IS MORE BUT I THINK THAT SHOULD BE ENOUGH
 
Old 06-26-2010, 04:35 PM   #15
crts
Senior Member
 
Registered: Jan 2010
Posts: 1,606

Rep: Reputation: 448
Hi,

I am not familiar with that program; however, according to the documentation on this site you should be able to perform a normal scan. You will probably have to mount your Windows partition first.
Code:
mount /dev/sdXX /mnt
where sdXX is your Windows partition. If you are not sure about that, run
Code:
fdisk -l
first to determine which partition contains your Windows.
After that
Code:
f-prot /mnt
should do the trick - according to documentation. Again, I am not familiar with this tool.

Last edited by crts; 06-26-2010 at 04:36 PM.
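
An added example, not part of the thread or of F-PROT's own material: a dry-run planner that picks the Windows filesystems out of a mount table and prints a read-only, report-only `fpscan` command for each, using only flags from the usage output quoted in post #12. The device names, the `/media/vip` and `/media/vip1` mount points and the `/root` report paths are assumptions, and the mount table is constructed sample data.

```sh
#!/bin/sh
# Added example: print a read-only, report-only fpscan plan for the Windows
# filesystems found in a mount table. It prints commands; it runs nothing.

# Constructed sample in /proc/mounts format; devices and /media paths are assumed.
SAMPLE_MOUNTS='/dev/sda1 /media/vip fuseblk rw,nosuid,nodev 0 0
/dev/sda5 /media/vip1 vfat ro,nosuid,nodev 0 0
/dev/sda6 / ext3 rw,relatime 0 0
proc /proc proc rw 0 0'

# Read a mount table on stdin, print "device mountpoint options" for each
# NTFS/FAT entry. ntfs-3g mounts appear as "fuseblk" in /proc/mounts.
windows_mounts() {
    awk '$3 ~ /^(ntfs|ntfs-3g|fuseblk|vfat|msdos)$/ { print $1, $2, $4 }'
}

# Succeed if the comma-separated mount option list contains "ro".
is_readonly() {
    case ",$1," in *,ro,*) return 0 ;; *) return 1 ;; esac
}

# Build the scan command for one mount point, using only flags listed in the
# fpscan usage text quoted in the thread:
#   --report        report only, no disinfection (meaning per F-PROT's
#                   documentation; the thread lists the flag without describing it)
#   --mount         stay on the filesystem of the given path
#   --adware, --applications   also report adware and risky applications
#   --output=FILE   write the report to FILE instead of stdout
scan_cmd() {
    log="/root/fpscan-$(basename "$1").log"   # hypothetical report location
    printf 'fpscan --report --mount --adware --applications --output=%s %s\n' \
        "$log" "$1"
}

# Turn a mount table on stdin into the commands to run as root.
plan() {
    windows_mounts | while read -r dev mp opts; do
        if ! is_readonly "$opts"; then
            # Remount read-only so the scan cannot change the Windows partition.
            printf 'umount %s\nmount -o ro %s %s\n' "$mp" "$dev" "$mp"
        fi
        scan_cmd "$mp"
    done
}

printf '%s\n' "$SAMPLE_MOUNTS" | plan
```

To plan against the live system, run `plan < /proc/mounts`, review the printed commands, then run them as root; mount points containing spaces are not handled.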
 
  

