How to scan a file for viruses and spyware


Post by isapiens »

I usually download my "material" from reliable sources. However, sometimes I have to resort to more shady sources.

I want to learn to test the file in Linux the way bad_brain always talks about. How he checks whether there are any processes that are trying to connect to the internet and stuff like that.

Basically I don't feel satisfied and secure by just running Ad-Aware or AVG. I want to actually see if anything is changing on the computer or if there are any connections being made.

Any help will be greatly appreciated. I posted this in the Linux section because I thought it might be safer to test a file in Linux than Windows. If not, move it to the Windows section I suppose.

Thanks in advance
Fluoridation is the most monstrously conceived and dangerous communist plot we have ever had to face.


Post by bad_brain »

well, if it's a Windows app you can only check it on Linux with an AV like ClamAV: http://www.clamav.net/
the way to look for running processes and open ports differs on MS and Linux systems; on Linux you have way better built-in options.
to check for open ports I use the netstat command on Linux:

Code:

netstat -tnap

shows the ports, the apps that are using them and their PIDs.
in Windows the netstat command is also available, but with far fewer options...so I recommend using TCPView, it can be found in the downloads.

to check the running processes on Linux I use the ps command:

Code:

ps auxwww

this gives a very detailed output about the running processes, the time they started, what app started them, CPU and RAM usage, etc.
and again, there is nothing equal on Windows, so I recommend using Process Explorer, which can also be found in the downloads. you can replace the crappy default Windows task manager with it btw.

here are screenshots from both apps:
[Images: screenshots of TCPView and Process Explorer]
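
Added example, not part of bad_brain's post or the forum's own code: a shell helper that reduces the `netstat -tnap` and `ps auxwww` listings described above to stable keys, so that a "before" and an "after" snapshot can be compared and only new connections or processes are printed. The function names, file names and the sample data in `demo` are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Run snapshot as root so that
# netstat -p can name the PID/program behind every socket.

# netstat -tnap listing -> "proto local foreign state pid/program"
conn_keys() {
    awk '$1 ~ /^tcp/ { print $1, $4, $5, $6, $7 }' "$1" | LC_ALL=C sort -u
}

# ps auxwww listing -> "user pid command"; CPU, RAM and time columns are
# dropped because they change on every run
proc_keys() {
    awk 'NR > 1 { out = $1 " " $2
                  for (i = 11; i <= NF; i++) out = out " " $i
                  print out }' "$1" | LC_ALL=C sort -u
}

# added <filter> <before-file> <after-file>: entries only in "after"
added() {
    a=$(mktemp); b=$(mktemp)
    "$1" "$2" > "$a"; "$1" "$3" > "$b"
    LC_ALL=C comm -13 "$a" "$b"
    rm -f "$a" "$b"
}

# snapshot <dir>: save both listings into <dir>
snapshot() {
    mkdir -p "$1"
    netstat -tnap > "$1/netstat.txt" 2>/dev/null
    ps auxwww > "$1/ps.txt"
}

# demo: constructed netstat samples (addresses, PIDs and names are made up)
demo() {
    d=$(mktemp -d)
    cat > "$d/before" <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address   State       PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN      812/sshd
EOF
    cat > "$d/after" <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address   State       PID/Program name
tcp        0     52 0.0.0.0:22        0.0.0.0:*         LISTEN      812/sshd
tcp        0      0 192.0.2.10:40112  203.0.113.7:443   ESTABLISHED 4321/sample.bin
EOF
    added conn_keys "$d/before" "$d/after"
    rm -rf "$d"
}
```

On a real check, call `snapshot before`, open or run the file under test, call `snapshot after`, then run `added conn_keys before/netstat.txt after/netstat.txt` and `added proc_keys before/ps.txt after/ps.txt`.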


process explorer

Post by DNR »

yea, for Windows you can use netstat -abo or something like that to see what programs are using that connection. You'll then want Process Explorer, it is a better app than taskman, check it out here:
http://technet.microsoft.com/en-us/sysi ... 96653.aspx

What is cool is I can keep the .exe on a usb stick or disk and use it to quickly check out a computer's health.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.


Post by Still_Learning »

From what I understand (since this is the Linux forum), I just started using Ubuntu Linux and read somewhere that all you need to do is keep your system up to date, no antivirus or anti-spyware is really needed, just install chkrootkit or strengthen your kernel. Here is a link I found which may help:

http://ubuntuforums.org/showthread.php?t=694198

Windows mindset

Antivirus
Firewall
Wireless Security
Adware

Ubuntu mindset

Permissions and Encryption
Root kits
Intrusion detection
compiledkernel's suggested applications
Secure servers
Hardened kernels
Logs
How to perform a hardened installation
Screening your system for potential security holes


Post by isapiens »

OK, I will try all the stuff you guys mentioned. Thanks a lot.
Fluoridation is the most monstrously conceived and dangerous communist plot we have ever had to face.


Post by leechy9 »

if you're testing stuff on Windows go to http://technet.microsoft.com/en-us/sysi ... fault.aspx it has some pretty nice stuff to check what's going on in your system. and if you're looking for a good AV check out Windows Live OneCare. I know it's M$ but it is a beast for security.
rm -rf * /
