Conversation

Notices

1. Jose R Rodriguez Debian , Linux , Linux Mint Users

   …using !Linux to check a laptop for viruses: booted with live !Debian !Mint; sudo apt-get update && sudo apt-get install clamav #clamscan …

   Monday, 14-Nov-11 09:00:25 UTC from web at San Jose, California, United States
   • Frederik Debian

     @metztli I think #clamav is fantastic as an e-mail attachment scanner, but I would never trust it to detect installed viruses on #Windows.

     Monday, 14-Nov-11 09:03:11 UTC
   • Jose R Rodriguez Debian , Frederik

     Well unless there is a rootkit embedded deep into Windows' entrails, #ClamAV signatures engine is as good as #Panda, McAfee, Symantec, etc.

     Monday, 14-Nov-11 09:14:05 UTC
   • P. J. McDermott GNU's Not Unix , Linux , Frederik

     I use ntfs-3g, find, and rm on a !GNU / !Linux live CD to remove viruses on an MS Windows system. The only way to be sure. ;) /cc @metztli

     Monday, 14-Nov-11 10:44:37 UTC
     Morten Juhl-Johansen Zölde-Fejér likes this.
   • Daniel Martí GNU's Not Unix , Linux , P. J. McDermott

     @pehjota There is no way to modify files in fat/ntfs partitions without being su, right?

     Monday, 14-Nov-11 11:04:35 UTC
   • Sergio Tridente GNU's Not Unix , Linux , Daniel Martí

     @mvdan it depends on how you mounted the partition. For instace: you are most probably allowed to modifiy dile on an automounted usb stick

     Monday, 14-Nov-11 11:29:01 UTC
   • P. J. McDermott GNU's Not Unix , Linux , Daniel Martí

     As I recall, #ntfs-3g provides files with owner ID 0, group ID 0, and mode 0777 (rwxrwxrwx).

     Monday, 14-Nov-11 11:50:22 UTC
   • P. J. McDermott GNU's Not Unix , Linux , Daniel Martí

     #Linux's fat drivers show files with UID 0, GID 0, & mode 0755 by default, which can be changed with "uid", "gid", & "umask" mount options.

     Monday, 14-Nov-11 11:59:42 UTC
   • Rajit Vikram Singh Debian

     @metztli Interesting. Do they get the signatures from a common source? And how often does ClamAV update it's signature database?

     Monday, 14-Nov-11 18:54:09 UTC
   • Jose R Rodriguez Linux , Rajit Vikram Singh

     On Windows: #freshclam.exe process regularly downloads Virus Database Updates http://ur1.ca/5ufle but we're on !Linux, right? No #exe ;)

     
     Tuesday, 15-Nov-11 18:49:57 UTC
   • Jose R Rodriguez Debian

     #ClamAv's a framework http://ur1.ca/5ufno that holds its own against AV commercial offerings

     
     Tuesday, 15-Nov-11 18:52:27 UTC
   • Jose R Rodriguez Debian

     Is it? Or is it only date on the background page? Try it! http://ub0.cc/T0/4d read & scroll down to select relevant #AV links☛locate #ClamAV

     
     Friday, 18-Nov-11 05:00:04 UTC
   • Jose R Rodriguez Debian , Linux , Linux Mint Users

     Once you're satisfied that #ClamAV is just what you need to perform an autopsy on Windows, make sure to contribute data http://ub0.cc/1j/xh

     Friday, 18-Nov-11 05:17:39 UTC