I have a version of Avast antivirus for Linux installed on my machine. I installed that when I was paranoid (I’m not quite so paranoid now ;)) to search and track Linux viruses.
Now I need it for something different: tracking and removing Windows viruses. I’ve heard that Linux antiviruses really only search for Windows viruses, but I need to be very sure; it’s very important that the file I’m checking with a Linux antivirus is not infected with a Windows virus.
The file I want to check is a huge ISO file downloaded from BitTorrent. Considering how virus-infected BitTorrent downloads are, I want to check the file.
I use Avast Linux Home Edition version 1.3.0, if all this helps.
I can’t tell you anything about using Avast (although I’ve found it reasonably good on Windows systems), but I can tell you that most Linux users seem to recommend ClamAV for such purposes.
What you have will do, so long as you have permissions to access the windows partition
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Huge ISO files from BitTorrent… you mean like a Linux distro DVD I’m
sure. Luckily for you all of those include md5sums posted on the
distribution’s website so you can compare with the downloaded ISO to be
sure it is not compromised in any way. Other vendors typically have the
same thing (for example, Novell downloads include md5sums on the download
pages that you can view). If the source is reputable at all getting some
kind of checksum should be trivial.
So on to a less-likely use case… if the source is not reputable you
have two options: accept risk or find a reputable source. Accepting risk
is required if you use the ISO for a couple reasons. First, hiding a
virus on purpose isn’t that hard. Encrypting a virus makes it impossible
to detect. That also means that in order to use the virus is must be
decrypted, but if this ISO is an installer or something with executable
(in windows) code then it could do that decryption where the AV software
cannot and infect you. On the other side of things antivirus software no
matter what McAfee or Symantec claim, is not an exact science. If it were
then the need for newer versions and definitions every day would not
perpetuate their business model. A new virus that does not match existing
definitions is created every day which is why new definitions are
constantly created.
Hopefully you’re in the first category and can verify your media via
checksum from a reliable source.
Good luck.
Confuseling wrote:
> I can’t tell you anything about using Avast (although I’ve found it
> reasonably good on Windows systems), but I can tell you that most Linux
> users seem to recommend ClamAV for such purposes.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBAgAGBQJK3fzGAAoJEF+XTK08PnB5yLMQAJLVDI6/YvcEIsV3qbK+5XLG
NuXNQ1DmyJNKalSqiQxDjvFpmOnHDkGlFhJ4FBz7CxZb//JuqJo+A7urnSLPXmp7
8gIOJ7n+E+WvG6zhh7wWQIx0HpfDzayFfmXB1NSIdtqr+Wtj852RNno5fpmWQIGT
8KtVfgkAs31b8+yRDRSd5vbX3/ouKO5pwMV/chdFy0a3YLQBGLR1yv/dRfIgC17Y
tNS4FNNAHKkh9X4rMYxJs0MrtHYqHAE4c9EmACWGlXVps/qYhEVhtUYFcd+czUy3
5XV3Dt8rpIexisI071mIUYlDlkZ0ZyeNPgwvm8UU4bMdB6um04/iPBOc7sdXbJ7x
mqDaD5IfIOR+CvdfIQFVB/wLWYu4yaPN8jElZonMniWurTY5xkGQSMQrC4U0ch7T
r2DDZ0iHJCY9jhdGPcuzKsTACEd1jUt05xjMA5qBOEgesQU0S0SKlkudaN38R1ml
GRWExAb63c+WE/TAbe7NGBPmssN4TIGFqXGn5zYGFL41w6m5dOSO9vzpVXIU0Ttz
16lZgi/f/1VO6MssswFFWmYqluGH8xI8po3qJd5YsWPpMkSY2c/po7AUp6dZ5JmG
w3fzjmh5WTyibXTiPHmYrHR9mP5/hfo26kvsknPjEJBPDsvMr2h8+RP/UUcbjI7P
dl9oG/urXZsgF73ueC7s
=2aNX
-----END PGP SIGNATURE-----