Recently I came into a client who had a Windows XP machine that contained a nasty little virus that rendered the machine nearly unusable. When the machine would boot the CPU was pegging out at 100%, causing the GUI to be nearly unresponsive.
I attempted to run AVG, Avast, Malwarebytes - but all for naught. The machine was so slow it seemed as if installing a simple anti-virus tool was going to take me an entire 40 hour work week. So I opted for a different approach. Instead of allowing Windows to boot, I decided it was time take advantage of my good old friend, Linux! That's right, Linux can scan a Windows machine for viruses, and it does it quite well. And in this article I am going to show you a quick way to achieve this.
What you need
Amidst all the simplicity you will enjoy with the Linux scanning, there are a few things you will need. First you need to remove that drive from the Windows machine. That's right, we're going to attach it to the Linux machine and do a scan of this now "external" drive. I prefer to use a tool that allows me to attach the drive such that the drive is attached to the machine via USB.
You will also want to have a modern instance of Linux up and running. The machine can already be on. In fact, it's better if it is.
You will also need to install an anti-virus on Linux. http://www.f-prot.com/download/home_user/ is an outstanding choice.
The "how to"
The first thing you need to do is connect the infected drive to the Linux machine. Depending upon your distribution, an icon should appear on your desktop. If it does, double click that icon so to ensure the drive mounts. Now check to where that drive mounted (most likely in /media). What you will now do is use your Linux scanning tool to scan that mounted drive.
Let's say you are using F-Prot. To run this scan you would issue the command:
fpscan --disinfect /media/DISK
Where DISK is the mount point of your disk.
This will scan that drive and disinfect it. Understand that if one scanner doesn't locate the infected files you might want to run a different scan. You can use ClamAV for email-based viruses (Check out my article "Scan your Linux machine for viruses with ClamTK" for using a GUI front end for ClamAV). NOTE: I will be doing an article on installing and using Avira Antivir on Linux this week.
Hopefully one of your anti-virus tools will have caught the culprit and either quarantined or removed the virus. Once you are done with the scan, make sure you unmount the "external" drive before you remove the hardware.
After the hard drive is off the Linux machine, re-install it to the Windows machine, and boot up. Hopefully you are good to go.
You probably never thought you would need any anti-virus on a Linux machine. Well, if your Windows machine has become unusable you have found the perfect use for such a combination. And remember, if you are using Linux for your mail server, you should certainly have anti-virus installed.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.