Knoppix for Virus Scanning

    My roommate's computer has been running slowly ever since she brought it into class to run PowerPoint for an oral presentation. We believe it may have contracted a virus, especially since it refuses to run the Virus Scan (you click on it and nothing happens). I was looking around for a CD like Knoppix that had a Virus Scanner on it (one of my friends was convinced he'd seen one before) and while I didn't find the CD he was talking about I did find a link to an old program to install a Virus Scanner while running the LiveEval CD.

    After updating for the newer version of f-prot (and making a guess about the new location/name of the check-updates file), we came up with the following code:

    # Install f-prot - useful in combination with persistent home
    # Edited version

    mkdir -p $HOME/software/
    cd $HOME/software/
    tar xzf fp-linux-ws-4.4.1.tar.gz

    mkdir -p $HOME/man/man8
    mkdir -p $HOME/bin

    ln -fs $(pwd)/f-prot/ $HOME/bin/f-prot
    ln -fs $(pwd)/f-prot/ $HOME/bin/
    ln -fs $(pwd)/f-prot/man8/f-prot.8 $HOME/man/man8/
    ln -fs $(pwd)/f-prot/man8/ $HOME/man/man8/

    # Setting up Manpath & PATH for f-prot

    cp $HOME/.bashrc $HOME/.bashrc.templ
    cat $HOME/.bashrc.templ | grep -v "export MANPATH=\$HOME/man" | grep -v "export PATH=\$HOME/bin/"> $HOME/.bashrc
    echo "export MANPATH=\$HOME/man/:\$MANPATH" >> $HOME/.bashrc
    echo "export PATH=\$HOME/bin/:\$PATH" >> $HOME/.bashrc
    rm -f $HOME/.bashrc.templ

    # Fix paths

    cp f-prot/ /tmp/f-prot.$$
    sed 's%/usr/local/f-prot/%'$(pwd)'/f-prot/%g' /tmp/f-prot.$$ > f-prot/

    cp f-prot/tools/ /tmp/f-prot.$$
    sed 's%/usr/local/f-prot/%'$(pwd)'/f-prot/%g' /tmp/f-prot.$$ > f-prot/tools/
    rm -f /tmp/f-prot.$$

    # cleanup

    rm -f fp-linux-sb.tar.gz

    Unfortunately, it still won't run. Or rather, we can run through the code without a problem (except at "cp f-prot/tools/ /tmp/f-prot.$$" it asks if we want to overwrite "/tmp/f-prot.988"), but the virus scanner won't run. We can click on the icon in the /home/knoppix/software/f-prot folder, but it doesn't do anything. And typing "exec f-prot" while in the f-prot folder results in the sound of the CD spinning, and the Console suddenly shutting down without further ado.
    So I am wondering if anyone can help. Is this just her computer refusing to run a Virus Scan yet again? Or is the Virus Scanner just too new to install onto the RAM disk in a LiveEval CD? Any help would be appreciated.
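
The script in the post above stages both sed rewrites through the same /tmp/f-prot.$$ name before deleting it, and the second cp onto that name is where the overwrite question comes up. As an added example (not part of the original post or of f-prot), here is the same prefix rewrite staged through a mktemp file; the function name rewrite_prefix, the sample file wrapper.sh and the binary name scanner are hypothetical.

```shell
#!/bin/sh
# Added example: rewrite a hard-coded install prefix in a text file, staging
# the result in a mktemp file instead of a fixed /tmp/<name>.$$ path.

rewrite_prefix() {
    file=$1; old=$2; new=$3
    [ -f "$file" ] || { echo "not a regular file: $file" >&2; return 1; }

    # '%' is the sed delimiter (as in the original script); '&' and '\' are
    # special in the replacement. Refuse them rather than mis-edit the file.
    case "$old$new" in
        *%*|*'&'*|*'\'*) echo "unsupported character in prefix" >&2; return 1 ;;
    esac

    # mktemp creates a fresh, uniquely named 0600 file: nothing to overwrite,
    # and no other local user can plant a file or symlink at that name first.
    tmp=$(mktemp "${TMPDIR:-/tmp}/rewrite.XXXXXX") || return 1

    status=0
    # $old is read by sed as a basic regular expression.
    # Writing back with cat keeps the original inode, owner and execute bit.
    sed "s%$old%$new%g" "$file" > "$tmp" && cat "$tmp" > "$file" || status=1
    rm -f "$tmp"
    return "$status"
}

# Constructed sample: a wrapper script with the default prefix baked in.
demo() {
    dir=$(mktemp -d) || return 1
    printf '#!/bin/sh\nexec /usr/local/f-prot/scanner "$@"\n' > "$dir/wrapper.sh"
    chmod 755 "$dir/wrapper.sh"
    rewrite_prefix "$dir/wrapper.sh" /usr/local/f-prot/ /home/knoppix/software/f-prot/
    cat "$dir/wrapper.sh"
    rm -rf "$dir"
}

demo
```

Because each call gets its own temp file, the function can be run on several files in a row, or twice on the same file, without any overwrite prompt.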

    I think knoppix comes with clamscan.
    at a command prompt, and it'll scan a directory.

    There's also BitDefender linux, which is a knoppix variant with a BitDefender virus scanner.

    Not sure if I understand your post, it appears you are saying two things here, if I hear you correctly, this is what I am reading...

    (1) Is your friend's system running Knoppix, Linux, or a version of Windows? (I get the feeling they are running Windows)

    (2) Are you just trying to get the Knoppix CD to run, so you can run a virus scanner on your friend's computer, which is a Windows OS? (this is what I am thinking)

    Depending on the version of Windows (your friend) has, Knoppix may not help you. If the version of Windows uses a NTFS on the hard drives, Knoppix may be able to detect something, but may not be able to do anything about it.

    Having been a Customer Support Representative for the "roll out" of Win98, I can tell you, if you called M$ Support, they would want you to run a virus scanner "native" to the OS, a virus scanner "knowledgeable" of the file system, and able to clean that file system, and the OS.

    Most of the "main" virus programs, have a "trial" period, so you don't have to buy them before you have had a chance to try them first. As a CSR for Windows98, we were unable to "strictly" suggest one virus program, we had to suggest three, or more, so we didn't sound like we were biased, or had ulterior motives on the choice of virus programs.

    McAfee, F-Prot, and Norton, were my "usual" suggestions - of these, now I don't work for M$, I can "push" my preferences, I would go with F-Prot first, McAfee second, and lastly, Norton (I have only had bad luck with Norton)...

    I got severely tired of the games McAfee played with having to "constantly" upgrade pay for new "engines" they kept creating in McAfee - and I actually found a FREE virus scanner - can't remember the name now, but they gave you a FREE virus program, unlimited signature downloads, and the upgrades were also free. Sorry, can't remember the name...

    All of the downloadable virus programs (for Windows), will check for viri BEFORE they install, or at least check that the viri program isn't infected first.

    Another thought, you said your friend's computer is running slow now, where is it running slow? On the internet, or just starting programs? If it's starting programs, and particular ones, or just all of them?

    If your friend's computer is running slowly on the internet, I would suggest a "free" program for scanning "nasties" within internet explorer, "SpyBot - Search and Destroy" - it runs through your internet files, and detects (and removes, if you tell it to) advertisement cookies, security invading cookies, rogue dialers, and even registry entries that are from adult sites that "hide" but run when Internet Explorer starts up - some of, or all of, these things can slow down internet explorer, by causing more things to run in the "background" without you even knowing about it.

    Other ideas from being a CSR for Windows support - how long has it been since they ran a defrag on their hard drive? If it has been recently, have they, since then, removed, or moved, or added a lot of large files to their system recently? (this can deteriorate system performance as well)

    How long have they been running their hard drive? Have you recently run ScanDisk - with the "through" [major spelling error here] setting? You might be having bad spots on the hard drive, i.e. the drive might be going out.

    If your friend doesn't run around on the internet, and go to "unknown" sites, or install "strange" programs from these "unknown" sites, I would think a virus is not the answer. I NEVER had a virus in Windows. I kept to "known" sites, like M$, MSN, my home site, etc... and never opened any email that "I didn't know who it came from", and never downloaded any program I didn't trust the site it was coming from, and I ran Win98 for more than 7 years without a virus attack.

    What I would suggest (personal preference here):

    Run ScanDisk - in the "through" setting - if it finds a problem, fix, and run again - if it finds one again - consider your drive going bye-bye - back up your data, and maybe get a backup hard drive just in case.

    Run Defrag - if it is "severely" fragmented, this could easily be the problem.

    Get a "native" virus scanner for your Operating System - still trying to remember that name of the free virus program, something like "avscan" or something, OMG, the company name was AVast - I just remembered that... Was a great virus program, they have a "purchase" option to unlock "all" the features, but the "free" version works good as it is though.

    Get SpyBot and scan your system for problems, this and a virus scanner are "excellent" programs to have in a Windows Utilities arsenal - IMHO

    NOTE: all these suggestions are for a Windows OS - I have "never" heard of a virus in Linux, and yes, I run no virus program in Knoppix, I do have a firewall though.

    I hope this helps,
    [ps - if your Win OS is out of warranty, this kind of information would have cost you (probably, knowing M$'s costs) around $30 for a one-time charge, and for a yearly subscription, I think it's around $200 or something -=- I expect payment in the mail [giggle] ]

    Actually, not to dis the above poster, clamscan and bitdefender are effective at finding windows viruses. has a linux distro, and I think they had NTFS write support (through captive NTFS) since 4 months ago.

    I find clamscan to run a bit slow, but it has an online update so you can scan with the latest patterns.
    You can also find clamscan on Inside security's INSERT, and knoppix-std

    No dis intended, nor implied, my knowledge is "behind" the times, as far as Linux is concerned. I "knew" they were working on "native" read and write NTFS support, but never heard any updates to that information. So, my posting was based on my "previous" information of this. I will need to remember that "they" have gotten NTFS support on both read and write now, thank you for the information news

    Also, IMO, I would still think a "native" OS virus scanner would be better though. I think of this as the same way, I have heard, numerous times, to format a Linux file system, use Linux, to format a Windows file system, use Windows -=- kind of thing. Would think this holds true for any "problems" in those systems.

    But, not to dis the power of Linux, I think it has the "upper hand" in all of this, it can get into a broken system better, and can "fix" things that Windows might not even see, or allow you to fix.

    Just my thoughts,

    Hi Cuddles,

    I just downloaded Knoppix 3.4 today, and one of the menu items (penguin menu)
    is.. 'install extra software'
    and at the top of the list is... FProt.
    So, knoppix goes and downloads Fprot from Fsecure, allows you to grab an update, and scan your system.

    Fprot is quite fast. I scanned 5 gigs in 12 minutes, which is many times faster than clamscan.
    Wonder how long the Fprot guys will put up with linux users dl'ing FProt each time they feel like scanning for viruses.

    She is running Windows XP on a FAT32 partition. McAfee Virus Scanner is already installed on her computer, and we get free virus updates through that because of a deal our University has with the software company. But it won't do the autoupdate anymore, and it won't even run. As my roommate put it, "When I tell it to run it makes a sound like the computer is going to run it, and then it just doesn't run and hopes you won't notice." We also have another University program called "Stinger" that they recommend to find different worms and things. She ran that, and that one actually opened, but it didn't find anything. So we figured we'd see if Knoppix or any other Live CDs had a Virus Scanner we could use.

    She is planning on taking it to the University help desk on Thursday. If they couldn't fix it, she wanted to just install Knoppix instead of Windows, or a dual partition of Knoppix, so I'm just going to burn her a copy of 3.4 so she can play with it over the Summer and see if that's what she really wants...

    Quote Originally Posted by softwaretester
    Hi Cuddles,

    I just downloaded Knoppix 3.4 today, and one of the menu items (penguin menu)
    is.. 'install extra software'
    and at the top of the list is... FProt.
    So, knoppix goes and downloads Fprot from Fsecure, allows you to grab an update, and scan your system.

    Fprot is quite fast. I scanned 5 gigs in 12 minutes, which is many times faster than clamscan.
    Wonder how long the Fprot guys will put up with linux users dl'ing FProt each time they feel like scanning for viruses.

    Can you get an up-to-date definition list with fprot as you can with clamav? Maybe the script downloads the latest defs when it runs, but I haven't used it and don't know.

    Well, as it appears, I am "seriously" out-of-date with "current" things... sheesh, been only a month or two.... things do change quickly on Linux...

    SolarCat, sounds like a good plan, considering that, as SoftwareTester said, v3.4 comes "standard" with a "mainstream" virus program.

    SoftwareTester, COOL, I am way out of date with current versions, I am still running v3.3. As for the "update" FProt is doing, I know for a fact that even McAfee "checks" when you are connected to the internet to see if "updates" are available. Maybe this is what it is doing, and it may have, like McAfee, a setting for disabling this checking upon start-up? I can't imagine a virus program that "always" loads its virus sigs from online, way too much data, and excess communication, to "keep" doing this. Far better to store a sig file on the system, and "update" as needed, or when requested. I've used FProt, in fact, M$ used it on all of their "internal" systems. Good program, for virus detection. (and it was fast) -=- As for Norton, I think of it more on a system repair/hard drive repair software, but had numerous problems when I went and used their virus program, seriously a "security" issue - I wanted to keep in constant communication with its "mother site", and transferred lots of data back and forth, when I was connected, what, I don't know, but "scary" nonetheless.

    Aay, you thinking the way I am? This "communication" could just be an "updater" to keep the program, or virus defs updated, as much as possible?

    I can't imagine, considering how many viruses are created, and virus sigs added, on a daily basis, that a virus program is going to "keep" downloading a "complete list" every time you run it, that would be insane. Unless... (as the mainstream virus programs have done), "they" are looking to the future, when "they" may start to "charge" to get those virus sigs, in the future. If that's the case, it is quite easy to "add" a locking mechanism on the download side on their site. Norton has gone to this scheme, where you pay for virus updates on a monthly/yearly basis. McAfee does about the same thing, not on the virus sigs though, but their program, and engine. McAfee changes the "format" of their virus sig files, so that only the "current" version of their program can read it. Thus, forcing someone to have to pay for an "update" virus program to use the sigs. They don't charge for the sigs though, but in essence, they are.

    I still hold true to my original thinking: I think viruses were created by the virus program developers, and continue to "help" development of new viruses. Thus, keeping them in business. I can't prove, nor disprove, this, but it sure seems like it.

    Just my thoughts,

    Well, McAfee decided to do the Auto-update thing, but it still won't open to scan for viruses. Haven't tried the f-prot download with v3.4 yet (it's Finals week, that's on the list for tomorrow when we're both done and have a little more time... ). So that's the plan I suppose, we'll see how it goes. Thanks a lot for your help. I love all the friendly, helpful people in this forum. Thanks especially to softwaretester, I wouldn't have found that myself without hunting for it for several hours...

