Can Knoppix 3.8.1. be used to run antivirus on windows



entropy8
07-17-2005, 04:52 AM
I was told to check out Knoppix to clean Windows machines. I'm using Knoppix now, but am having no luck scanning the Windows partition. What progs should I use? Is this possible?

rwcitek
07-17-2005, 05:59 AM
clamav may be what you are looking for: http://www.clamav.net/ See this post: http://www.knoppix.net/forum/viewtopic.php?p=86393#86393 It may be as simple as an 'apt-get update && apt-get install clamav'

Good luck and let us know how it goes.

Regards,
- Robert
http://www.cwelug.org/

entropy8
07-17-2005, 02:17 PM
Now I can't find it in Knoppix. Where would clamav go if it was installed through kpackage? In other words, how do I run it?

Thanks for all the help so far...

Dave

maxIT
07-17-2005, 04:39 PM
Open a terminal and type clamscan [options] [file/directory/-]
For example, "clamscan -r / " checks root and all subdirectories. You can take a look at this man page:
http://docsrv.sco.com:8457/cgi-bin/man?mansearchword=clamscan&mansection=1

Maybe your problem is: how to scan the win partition?
I've tried clamscan -r /dev/hda1 without success :cry:

entropy8
07-17-2005, 06:49 PM
It seems to be working. Does this seem like the proper code to run an AV? Or am I actually mounting clamscan onto the hard disk?
Thanks again for all the help :o

entropy8
07-17-2005, 07:03 PM
Found 1 infected file: "pagefile.sys: Exploit.HTML.MHTRedir-8 FOUND"
Tried to remove using the --remove command.
It said it could not remove. Is it really a virus? Am I on the right track here? Thanks again for the help, max and everyone...
BTW, this machine scans clean with Norton, Spybot, and Ad-Aware, all updated. Just interested in running a Linux scan and what to do next is all.

dave

knoppix@2[knoppix]$ clamscan /mnt/hda1 --remove
/mnt/hda1/3vmjawf0.sys: OK
/mnt/hda1/AUTOEXEC.BAT: Empty file
/mnt/hda1/boot.ini: OK
/mnt/hda1/CONFIG.SYS: Empty file
/mnt/hda1/ffastun.ffa: OK
/mnt/hda1/ffastun.ffl: OK
/mnt/hda1/ffastun.ffo: OK
/mnt/hda1/ffastun0.ffx: OK
/mnt/hda1/IO.SYS: Empty file
/mnt/hda1/IPH.PH: OK
/mnt/hda1/MSDOS.SYS: Empty file
/mnt/hda1/NTDETECT.COM: OK
/mnt/hda1/ntldr: OK
/mnt/hda1/pagefile.sys: Exploit.HTML.MHTRedir-8 FOUND
/mnt/hda1/pagefile.sys: Can't remove
/mnt/hda1/VIRTPART.DAT: OK

----------- SCAN SUMMARY -----------
Known viruses: 33876
Engine version: 0.84
Scanned directories: 1
Scanned files: 11
Infected files: 1
Not removed: 1
Data scanned: 59.31 MB
Time: 140.786 sec (2 m 20 s)

maxIT
07-17-2005, 07:25 PM
said it could not remove...

This may be because Knoppix doesn't give you write permissions on hd by default.
Try to get full permissions to hd with something like 'chmod 777 /mnt/hda1', or in KDE right-click on the hd icon/actions/make device writable.
As a last option, delete/replace the infected file with some DOS/Win boot floppy.

bye, max
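
Added example, not part of the original thread: a small filter for clamscan reports like the one posted above. It lists each FOUND line and marks hits in pagefile.sys or hiberfil.sys as "volatile", because those are the Windows paging and hibernation files and a match there is a match on leftover memory pages rather than on a document or program. The function names and the second detection in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage a clamscan report read from stdin.
# Prints one tab-separated line per detection: class, signature, path.
# class is "volatile" for the Windows paging/hibernation files and
# "file" for everything else.
triage_clamscan() {
    awk '
    / FOUND$/ {
        line = $0
        sub(/ FOUND$/, "", line)
        # Split at the last ": " so a path that contains a colon survives.
        cut = 0
        for (i = 1; i < length(line); i++)
            if (substr(line, i, 2) == ": ") cut = i
        if (cut == 0) next
        path = substr(line, 1, cut - 1)
        sig  = substr(line, cut + 2)
        # Compare on the lower-cased file name only (FAT/NTFS names vary in case).
        base = tolower(path)
        sub(/.*\//, "", base)
        class = (base == "pagefile.sys" || base == "hiberfil.sys") ? "volatile" : "file"
        printf "%s\t%s\t%s\n", class, sig, path
    }'
}

# Constructed sample: three lines from the scan above plus one made-up hit.
sample_report() {
    cat <<'EOF'
/mnt/hda1/boot.ini: OK
/mnt/hda1/pagefile.sys: Exploit.HTML.MHTRedir-8 FOUND
/mnt/hda1/pagefile.sys: Can't remove
/mnt/hda1/Documents/invoice.hta: Example.Constructed.Signature FOUND
EOF
}

sample_report | triage_clamscan
```

On a live system the same filter can be fed directly, for example `clamscan -r /mnt/hda1 | triage_clamscan`.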