• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Removing Win Malware using Linux Tools

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Security Related Software

View previous topic :: View next topic  
Author Message
a_link_to_the_past
Just Arrived
Just Arrived


Joined: 17 Aug 2007
Posts: 0


Offline

PostPosted: Sun Nov 30, 2008 5:06 pm    Post subject: Removing Win Malware using Linux Tools Reply with quote

What is currently the best tactic for removing Malware from a Windows partition using tools within Linux?

Last edited by a_link_to_the_past on Mon Dec 01, 2008 12:55 am; edited 1 time in total
Back to top
View user's profile Send private message
RoboGeek
SF Mod
SF Mod


Joined: 13 Jun 2003
Posts: 16777166
Location: LeRoy, IL

Offline

PostPosted: Sun Nov 30, 2008 11:12 pm    Post subject: Reply with quote

Windows malware can't run on linux
Back to top
View user's profile Send private message Visit poster's website
ryansutton
Trusted SF Member
Trusted SF Member


Joined: 25 Aug 2004
Posts: 67
Location: San Francisco, California

Offline

PostPosted: Tue Dec 02, 2008 7:43 pm    Post subject: Reply with quote

The best tools for removing Windows malware, are made for Windows.

You could however boot in to Linux, mount a Windows partition and run an AV scan against the Windows partition. If the AV scanner you use in Linux uses Windows definitions, it should be able to remove them. F-Prot does indeed scan for and remove Windows viruses when run from a Linux computer.

You could also mount a Windows partition and manually delete infected files, however I wouldn't recommend this unless you are sure of what you are doing.

The problem with removing viruses from Linux, is you only can see a flat view of the file system. You won't be able to see what is loaded in to memory and as far as I know you won't be able to clean out the relevant parts of the windows registry.
Back to top
View user's profile Send private message
a_link_to_the_past
Just Arrived
Just Arrived


Joined: 17 Aug 2007
Posts: 0


Offline

PostPosted: Tue Dec 02, 2008 7:49 pm    Post subject: Reply with quote

Thanks, it looks like F-Prot is what I was looking for, since it can use Windows def's.
Back to top
View user's profile Send private message
ryansutton
Trusted SF Member
Trusted SF Member


Joined: 25 Aug 2004
Posts: 67
Location: San Francisco, California

Offline

PostPosted: Tue Dec 02, 2008 8:14 pm    Post subject: Reply with quote

You're welcome. Very Happy
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Security Related Software All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register