I found an alternative to using clamscan from knoppix, it requires an internet connection in this tutorial. For downloading Antivir.
1. With knoppix as your boot cd or dvd, Boot from CD/DVD.
2. At knoppix splash screen hit
3. Open a terminal window.Code:boot:<ENTER>
4. Get root/admin rights.
4a. Change directories.Code:sudo su<ENTER>
(I ommitted the above step, seems to work also)Code:cd /temp<ENTER>
5. Download Antivir.
6. Extract the downloaded tar file.Code:wget http://dl1.avgate.net/down/unix/packages/antivir-workstation-pers.tar.gz<ENTER>
7. Change directory.Code:tar xvpzf antivir-workstation-pers.tar.gz<ENTER>
To find this just scroll up to the downloaded process, version number should be visible. Tack this inplace of the parenthesis comment.Code:cd antivir-workstation-(whatever version # it is)
8. Install.
The period before the slash is important.Code:./install<ENTER>
9. Update Antivir.
10. Identify ntfs device.Code:antivir --update<ENTER>
Look for ntfs. You should see something like," /dev/hda1 /media/hda1" in the same line. My ntfs was sda1.Code:cat /etc/fstab<ENTER>
11. Mount ntfs drive.
If it works, your hard drive light will blink, showing you that you can access it.Code:ntfs-3g /dev/(your device) /media/(your device)<ENTER>
If not you may have to right clik the hard drive on the desktop an uncheck read only under properties. (I think.)
12. Choose scanning method.
The -ren will rename what it finds without deleting it, replacing the original extention with .xxx.Code:antivir -lang=EN -rfmalware.txt -r1 --allfiles --alltypes --scan-in-mbox -s -z -onefs -ren /media/(your device)/<ENTER>
The -rf will write a log to the file specified, in this case malware.txt. You can e-mail it to yourself before rebooting.
When you boot back into windows just search for .xxx and submit to Virus Total or Jotti.
13. When done, unmount ntfs.
14. RebootCode:umount /media/(your device)<ENTER>
This concludes the Scanning for Viruses with Knoppix on Windows NTFS Volumes using Antivir.
The original information can be found at the following address:
http://www.castlecops.com/postx185079-0-0.html post #9
If anyone has a method for any other anti-virus vendors, please document each action, as above, and post.
Sophos supports linux, Panda supports linux.
Please include if it does or does not use rename option.
I hope this helps,
Condor
A-Tech 8GB DDR3 1600 PC3-12800 Laptop SODIMM 204-Pin Memory RAM PC3L DDR3L 1x 8G
$13.99
Samsung 16GB 2Rx4 PC4-2133P DDR4-17000 1.2V RDIMM ECC Registered Server Memory
$16.29
HyperX FURY DDR3 8GB 16GB 32GB 1600 MHz PC3-12800 Desktop RAM Memory DIMM 240pin
$12.90
Corsair Vengeance LPX 32GB PC4-25600 (DDR4-3200) Memory NEVER USED LOOSE STICKS
$40.00
A-Tech 8GB PC3-12800 Desktop DDR3 1600 MHz Non ECC 240-Pin DIMM Memory RAM 1x 8G
$13.99
Kingston HyperX FURY DDR3 8GB 16GB 32G 1600 1866 1333 Desktop Memory RAM DIMM
$13.25
A-Tech 16GB 2 x 8GB PC3-12800 Laptop SODIMM DDR3 1600 Memory RAM PC3L 16G DDR3L
$27.98
A-Tech 16GB 2x 8GB PC3-12800 Desktop DDR3 1600 MHz 240pin DIMM Memory RAM 16G 8G
$27.98
A-Tech 256GB 4x 64GB 4Rx4 PC4-19200 ECC Load Reduced LRDIMM Server Memory RAM
$287.96
A-Tech 64GB 4x 16GB 2Rx4 PC4-17000R DDR4 2133MHz ECC REG RDIMM Server Memory RAM
$87.96