Announcement

Collapse
No announcement yet.

Use Kubuntu to Scan Windows Drives

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Use Kubuntu to Scan Windows Drives

    Hey guys, very happy to be here on the Kubuntu Forums!

    Just installed my First Kubuntu 18.04 onto one of my laptops. I would really like to use this laptop to boot Infected Windows drives and scan them. Obviously only when needed, as I understand that some malware is better detected when running. I just don't want to infect my Windows work machine as I've done before, and I love playing around with Linux also. It also needs to be a Free AV!

    I know about ClamAV, and the GUI ClamTK, but from what I've read it is not all that good. So I'm poking around to see if I can install a few to cover all Malware bases. When I'm done I can then Copy over files perhaps connect to a Windows machine.

    I'm going to experiment with GSmartControl also to Test Drives. This way I can do all my work on my new Kubuntu laptop.

    If this is not feasible I'll just boot from a Malware Removal Disk. I guess at the least I can use ClamAV.

    I will leave this LINK here because it is up-to-date and we all can refer to it if needed.
    Linux Antivirus 2018

    Thanks, Nasty7
    Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

    #2
    There is a fairly popular IT magazine (c`t) in the german speaking market which once or twice a year offer an anti virus CD to their subscribers.
    Based on Ubuntu with AV scanners from Avira, Eset, F-Secure and Sophos.

    Comment


      #3
      Thomas00, I have not had good luck with this subject in the past and it seem as though it is about the same these days. I will just use ClamAV or whatever comes with Kubuntu and any other scanse will do with Bootable media, as I have a few of those all ready to go!

      Thanks!
      Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

      Comment


        #4
        Wasn‘t really recomending the cd but rather wanted to share the list of scanners they use. Their use case seems to be similar to yours, boot a clean system to scan a potentially infected Windows instance as thorough as possible...

        Comment


          #5
          Yes, I got that...thanks. I will and have researched those a little, and actually installed Sophos once years ago, but it was difficult to install and run. I have Avira on disk, and this may be the easiest way to run it, seeing it's difficult to install these things sometimes. I see that most of them are not in development for Linux anymore, but they run from disk independently. Will look into the other also asap.
          Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

          Comment


            #6
            So far as usual, installing Comodo has been a nightmare. These freaking sites say how good these scanners are but they don't tell you they are all unsupported for the newer distros, even though their articles are current.

            Another thing is, I installed gdebi, but still cannot even chose to use it by Right Clicking a .deb file?

            I think I'll stop wasting my time and just use that stinking clamav.
            Last edited by Nasty7; Oct 27, 2018, 12:27 PM.
            Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

            Comment


              #7
              Seem to be having problems posting in forums, has anyone ever had this issue?

              I'll make a post, then later come back, and it is either still open or in the case here, it was gone?

              Just got this Error here: "Your submission could not be processed because the token has expired.
              Please reload the window."
              Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

              Comment


                #8
                Originally posted by Nasty7 View Post
                So far as usual, installing Comodo has been a nightmare. These freaking sites say how good these scanners are but they don't tell you they are all unsupported for the newer distros, even though their articles are current.

                Another thing is, I installed gdebi, but still cannot even chose to use it by Right Clicking a .deb file?

                I think I'll stop wasting my time and just use that stinking clamav.
                Is the only thing we have really Clamav? It don't seem to work all that well, at least from the standpoint of the GUI. Maybe it is doing well below the surface.
                Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

                Comment


                  #9
                  Here's an idea: Install Windows in a VirtualBox Machine (VM) on a computer running linux. I have to use windows for work so I have 3 (legally licensed) Windows installs - 2 are Win10 and one Win7 - on a laptop running Kubuntu 18.04. The VM's are backed up so if I ever encounter a virus, I can just wipe and reload a backup. All data files are kept off of the windows machines so they're safely on the linux side.

                  Please Read Me

                  Comment


                    #10
                    That is a good idea oshunluvr,I will mull that over too.

                    So you run all three of your Windows work VM's on one machine? Wow! I thought VM's were a little slow, but I've only tried them on slow computers.

                    I'm concerned a VM would be a lot more work for me, and the speed in which a VM acts is a little slow. I love things to go fast lol, call me inpatient. I'm not the most technical person due to my health so it may take some time for me. I have run a VM in Linux and have an extra Windows 7 license laying around so I can do that. That would still allow the VM to be infected but like you say, could restore with a backup. I was wanting to avoid any restore processes, and that's why I will give ClamAV a go when I get time.

                    I'm also considering to just boot from a portable malware scanner disk or usb on the infected computer. I will need to do some experimenting as soon as I get an infected, or even not infected drive. Of course I've tried the portable scanners on my own computers just to see how they work, but there were no infections. I should load some infections on an old laptop, take out the drive, and maybe scan it with ClamAV just to see what happens.

                    1. I think I will try to always use Kubuntu for my File Transfers. This way at least I won't infect a Windows pc, and will also give me time to research any files I don't recognise, and skip over copying them.
                    a. I wonder what others feel about Deleting Files and Folders on an External Windows Drive from Linux?

                    I was also wondering if those old Windows for Linux Malware Scanners will still receive Definitions Updates. If so I could install on an old Distro. I will pull my older 14.04 version out and see if I can find one that will install to that. I think I saw one that was compatible with 14.04, but most were 12.04 I think. The only reason I haven't yet was that machine is old and slow.

                    Just some thoughts, thanks

                    PS, Noticed you are in Newbern. A friend of mine has a brewery called Brewery 99 there, you hear of it?
                    Last edited by Nasty7; Nov 03, 2018, 07:19 PM.
                    Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

                    Comment


                      #11
                      Originally posted by Nasty7 View Post
                      That is a good idea oshunluvr,I will mull that over too.

                      So you run all three of your Windows work VM's on one machine? Wow! I thought VM's were a little slow, but I've only tried them on slow computers.

                      I'm concerned a VM would be a lot more work for me, and the speed in which a VM acts is a little slow. I love things to go fast lol, call me inpatient. I'm not the most technical person due to my health so it may take some time for me. I have run a VM in Linux and have an extra Windows 7 license laying around so I can do that. That would still allow the VM to be infected but like you say, could restore with a backup. I was wanting to avoid any restore processes, and that's why I will give ClamAV a go when I get time.

                      I'm also considering to just boot from a portable malware scanner disk or usb on the infected computer. I will need to do some experimenting as soon as I get an infected, or even not infected drive. Of course I've tried the portable scanners on my own computers just to see how they work, but there were no infections. I should load some infections on an old laptop, take out the drive, and maybe scan it with ClamAV just to see what happens.

                      1. I think I will try to always use Kubuntu for my File Transfers. This way at least I won't infect a Windows pc, and will also give me time to research any files I don't recognise, and skip over copying them.
                      a. I wonder what others feel about Deleting Files and Folders on an External Windows Drive from Linux?

                      I was also wondering if those old Windows for Linux Malware Scanners will still receive Definitions Updates. If so I could install on an old Distro. I will pull my older 14.04 version out and see if I can find one that will install to that. I think I saw one that was compatible with 14.04, but most were 12.04 I think. The only reason I haven't yet was that machine is old and slow.

                      Just some thoughts, thanks
                      Well, old and slow PC aren't the best for running VMs for sure. My laptop is old but it was top-o-the-line 6 years ago or so. I have upgraded it with an SSD and it has a quad-core processor and 8GB RAM. The RAM is my problem as having only 8 means I can only run 2 Windows VMs at once. The Windows VMs need at least 2GB to run well. I can run 3 at once if one of them is a Linux VM because both Linux VMs on my system are servers so only need 1GB RAM. Even then, I need to close most of the software on the Kubuntu host to run 3 at once in a usable (regarding speed) state.

                      If you have a descent CPU and plenty of RAM (at least 4), you could run a single Windows VM on a Linux host. The advantage here is the Linux machine can host all the file and file transfers, can host the eMail (no viruses that way), the entire windows machine is easily backed up via "Export Appliance" (literally a single command) and VirtualBox snapshots (easy roll-back if you get a virus).

                      Regardless, using Linux to "Internet" and Windows to only do what you require of it safer in every way. Frankly, unless your Windows machine is downloading and installing stuff or you open random unknown emails, you not very likely to get a virus any more. 10 years ago it was much worse than it is now. You're probably more concerned than you need to be. Also - not really knowing what you need Windows for - it's highly likely over time you will find a Linux way to do what you need and end up using Windows less and less until it's never. Most of us have had that experience over the years, My current employer requires I use MS Office 365 for my reports and communications and the job I do uses a Windows-to-Linux process that I support. The VMs are the perfect solution for my situation.

                      Another real advantage to using VMs this way is I can transport the VMs to any machine using VirtualBox. This means I can replace my laptop and not skip a beat with work. When I'm in my office, I even run my work VMs on my desktop machine by launching them remotely from the laptop via my network. Really easy and slick. The only downside to running a VM over the network is VirtualBox wasn't intended to be used that way so it's possible to have the same VM running on 2 or more computers - which is a big No-No as this will corrupt your virtual hard drive almost instantly. I found this out the hard way - backup, backup, backup

                      Final comment here - you aren't going to find much more than you already have in the way of Linux based anti-virus. We (the empirical Linux world "We" ) simply aren't concerned about viruses so there's never been much effort at it. If you're using Windows and concerned about viruses, look for the best anti-virus program for Windows and run it there. Honestly, I can't remember the last time I encountered a real virus. The best protection is to not invite viruses in the first place - keep web and email use at the absolute minimum and don't download and install anything you're not positively sure of. Reduce your need for Windows programs by looking for suitable Linux replacements and you will reduce your virus exposure.

                      Originally posted by Nasty7 View Post
                      PS, Noticed you are in Newbern. A friend of mine has a brewery called Brewery 99 there, you hear of it?
                      Seriously? We go to 99 every weekend and know Pete very well! In fact my wife and I were there last night and myself Friday night as well. We hang out with Pete a lot in the summer on our boats. You a local or near by? PM me if you want to chat about this.

                      Please Read Me

                      Comment


                        #12
                        Thanks very much oshunluvr, this will all be good info for me to build on. Your VM Info is very inspirational and hope to find time to at least try it out! I've only done it once on my old XP/Linux machine.

                        The only reason I started this Thread is because my Main Windows machine got infected a few times when attaching a Customers Drive via USB. Clearly I could do this more than a few ways, so just looking for the simplest way for me. My health is real bad, and it affects my ability execute complicated computer stuff. I work repairing computers part time on my own just to keep me afloat. Unfortunately they are 99.9% Windows machines. I've prepared and sold some Linux machines, but only have one Linux Customer left.

                        I started out on XP, and then really learned about pc's after putting Linux on that XP machine. So, I love Linux, but forced to use Windows. I can't learn both at the same time due to my health, so keeping my main machine as Windows 7 and have Windows 8-10 laying around for research.

                        My Kubuntu Project pc:

                        HP Pavilion dv6-6c48us, Kubuntu 18.04, AMD A8-3520M, 6.00GB DDR3 @ 672MHz (9-9-9-9-24, AMD Radeon HD 6620G, 500GB WD Black HDD.


                        Thanks, Nasty7
                        Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

                        Comment


                          #13
                          Help Installing Sophos Anti Virus. I thought this would be as easy as installing with gdebi, but it seems as though it needs to be compiled or something. Will someone help me install Sophos AV, it's been a long time since I've installed anything with Linux. Here are the files after unpacking.

                          Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

                          Comment


                            #14
                            Okay, found some directions, though I didn't think there would be from past experience. They are even up to date! kudos to fosslinux
                            https://www.fosslinux.com/2852/how-t...in-ubuntu.htm/

                            This stuff is way over my head so glad I found that site!

                            Now I don't see a way to open it?

                            It seems as though I won't be able to do a targeted scan until I learn how to use the Command line tools? I don't see the GUI anywhere.
                            Last edited by Nasty7; Nov 25, 2018, 10:17 PM.
                            Dell OptiPlex 9010 SFF, 8GB RAM, i7 3770, Kubuntu 18.04, MB 051FJ8

                            Comment


                              #15
                              Originally posted by Nasty7 View Post
                              Seem to be having problems posting in forums, has anyone ever had this issue?

                              I'll make a post, then later come back, and it is either still open or in the case here, it was gone?

                              Just got this Error here: "Your submission could not be processed because the token has expired.
                              Please reload the window."
                              Our forum uses a cookie to keep you from being 'timed out' while logged in. If you don't check the Remember me box below your login username, the cookie won't be set, and you will be timed out after 15-minutes. Typing a long post isn't considered activity, so if it takes you longer than 15-minutes before you hit the post button, you will already have been timed out here.
                              Windows no longer obstructs my view.
                              Using Kubuntu Linux since March 23, 2007.
                              "It is a capital mistake to theorize before one has data." - Sherlock Holmes

                              Comment

                              Working...
                              X