Antivirus for windows files on linux server ? Which one ?
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Antivirus for windows files on linux server ? Which one ?
Hello everyone,
I have a file server where i use to backup old files. I have found some of the files to have virii. I scanned them using Kaspersky on a windows machine that had a networked drive on the file server. Kaspersky has found the virii but is unable to "disinfect" without deleting the whole file.
I dont want to delete the file, i want to try and remove the virus, there were two differnt viruses in different files, the virii were
Trojan-Dropper.Win32.Agent
Trojan.Win32.Monder
I was thinking since linux rocks maybe i could install a antivirus on the linux file server and maybe that would be able to "disinfect" the files and allow me to keep them.
I used avast on windows machines in the past and found it great until it seemed to loop on some files some dumped it for ClamWin which is based on ClamAV
Never used it on linux personally but by removing the microsoft part out of the equation I would think it would work well.
Just an FYI. The plural of virus is viruses. This is because the work "virus" is new and not of Latin origin. I used to make the same mistake until I looked it up in a dictionary.
What files are contaminated. Do the same files exist in a previous backup that might not be infected?
Or do you want to remove the infected files from the backup archive rather than delete the entire backup.
If that is the case, you might want to look at what the "file" command says about the archive file. Some
backup programs even for windows are based on the tar program, so you might be able to use tar to delete these files.
If the archive is compressed, this won't work even for a tar archive.
Another possibility is to extract the files, excluding the two infected files, into a directory and then archive the contents of that directory.
I looked up info on Trojan-Dropper.Win32.Agent. There are different versions known by this name and you may have other files to delete as well. Do you have more information on which one you have?
Just an FYI. The plural of virus is viruses. This is because the work "virus" is new and not of Latin origin. I used to make the same mistake until I looked it up in a dictionary.
What files are contaminated. Do the same files exist in a previous backup that might not be infected?
Or do you want to remove the infected files from the backup archive rather than delete the entire backup.
If that is the case, you might want to look at what the "file" command says about the archive file. Some
backup programs even for windows are based on the tar program, so you might be able to use tar to delete these files.
If the archive is compressed, this won't work even for a tar archive.
Another possibility is to extract the files, excluding the two infected files, into a directory and then archive the contents of that directory.
I looked up info on Trojan-Dropper.Win32.Agent. There are different versions known by this name and you may have other files to delete as well. Do you have more information on which one you have?
thanks i didnt know virii was wrong anyway i just have one version of the files its a .exe so its not archived, if i delete the .exe then i am in turn deleting the whole program.
It would be nice if i had the hex code of the virus so i could open the .exe in a debugger find the virus and nop it out.
I am also unsure which "version" i have, thats all kaspersky told me.
Im gonna try that clamav and see what it does, since i dont have any backup i want to keep the files. they are installs for other programs so im pretty sure the files wont infect my pc until i run the .exe and install the program (and the virus).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.