Odd Linux-Windows question

[quinterro]

Does anyone know of a program in Linux that can scan a PC hard disk for Windows spyware?

I figured this would be the appropriate forum for this to be asked. On occasion I have to move a customer's hard disk to my computer for backup/virus scanning. Simply moving the drive over does not necessarily allow my computer to detect spyware.

 

[Bolle]

clamxav does this on macs... btu i dunno if it can scan windoze hard drives.

 

[quinterro]

Using Ubuntu 7.10 I can mount a NTFS drive as read-write. It came in really handy when I needed to back up documents from a private folder. Windows 2000 would not read the folder.

I scanned for viruses with Avast Antivirus for Linux telling it to scan media/PRESARIO. It didn't mind running it on a Windows drive.

 

[MrCoffee]

THere are several liveCD's that run Linux that has Spyware/AV programs on them for scanning Windows HDs.

Try FrozenTech's LiveCD listing.

 

[QuadSix50]

ClamAV is available for GNU/Linux. Check Synaptic for it. There's also a GTK frontend to it but it's horribly ugly. It's possible that the QT frontend might be better.

There are also two rootkit detectors. One's called chrootkit, and I forget the name of the other. Just search for "rootkit" in Synaptic and both of them should come up.

The only problem you might have would be with NTFS volumes. By default, they are loaded read-only. Gutsy has the support already (FUSE/ntfs-3g) so it's a matter of telling it to enable write access. Once you have that, then run your scans.