Using Knoppix: Scan Windows NTFS for Viruses using Antivir.
I found an alternative to using clamscan from Knoppix. In this tutorial it requires an internet connection, for downloading Antivir.
1. With Knoppix as your boot CD or DVD, boot from CD/DVD.
2. At knoppix splash screen hit
3. Open a terminal window.
4. Get root/admin rights.
4a. Change directories.
(I omitted the above step, seems to work also)
5. Download Antivir.
Code:
wget http://dl1.avgate.net/down/unix/packages/antivir-workstation-pers.tar.gz<ENTER>
6. Extract the downloaded tar file.
Code:
tar xvpzf antivir-workstation-pers.tar.gz<ENTER>
7. Change directory.
Code:
cd antivir-workstation-(whatever version # it is)
To find this just scroll up to the downloaded process, version number should be visible. Tack this in place of the parenthesized comment.
8. Install.
The period before the slash is important.
9. Update Antivir.
Code:
antivir --update<ENTER>
10. Identify ntfs device.
Code:
cat /etc/fstab<ENTER>
Look for ntfs. You should see something like "/dev/hda1 /media/hda1" in the same line. My ntfs was sda1.
11. Mount ntfs drive.
Code:
ntfs-3g /dev/(your device) /media/(your device)<ENTER>
If it works, your hard drive light will blink, showing you that you can access it.
If not, you may have to right click the hard drive on the desktop and uncheck read only under properties. (I think.)
12. Choose scanning method.
Code:
antivir -lang=EN -rfmalware.txt -r1 --allfiles --alltypes --scan-in-mbox -s -z -onefs -ren /media/(your device)/<ENTER>
The -ren will rename what it finds without deleting it, replacing the original extension with .xxx.
The -rf will write a log to the file specified, in this case malware.txt. You can e-mail it to yourself before rebooting.
When you boot back into Windows just search for .xxx and submit to Virus Total or Jotti.
13. When done, unmount ntfs.
Code:
umount /media/(your device)<ENTER>
14. Reboot
This concludes the Scanning for Viruses with Knoppix on Windows NTFS Volumes using Antivir.
The original information can be found at the following address:
http://www.castlecops.com/postx185079-0-0.html post #9
If anyone has a method for any other anti-virus vendors, please document each action, as above, and post.
Sophos supports linux, Panda supports linux.
Please include if it does or does not use rename option.
I hope this helps,
Condor
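The following is an added example, not part of the original post: shell helpers for steps 10 to 12 that pick the NTFS line out of an fstab-format file, confirm the volume is mounted read-write (which -ren needs in order to rename), and list the files renamed to .xxx with SHA-256 hashes for later submission. The function names are hypothetical and all sample data is constructed; on a real system pass /etc/fstab, /proc/mounts and /media/(your device).

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample data is constructed.

# ntfs_entries FSTAB: print "device mountpoint" for every NTFS line (step 10).
ntfs_entries() {
    awk '$1 !~ /^#/ && NF >= 3 && $3 ~ /^ntfs/ { print $1, $2 }' "$1"
}

# mount_mode MOUNTS MOUNTPOINT: print rw, ro or unmounted, reading a
# /proc/mounts-format file. -ren can only rename on a read-write mount.
mount_mode() {
    awk -v mp="$2" '
        $2 == mp { n = split($4, opt, ",")
                   for (i = 1; i <= n; i++)
                       if (opt[i] == "rw" || opt[i] == "ro") mode = opt[i] }
        END { print (mode == "" ? "unmounted" : mode) }' "$1"
}

# renamed_files DIR: SHA-256 and path of each file the scan renamed to .xxx,
# staying on one filesystem as the scan did with -onefs.
renamed_files() {
    find "$1" -xdev -type f -name '*.xxx' -exec sha256sum {} +
}

# Constructed sample input so the script runs offline.
demo=$(mktemp -d)
cat > "$demo/fstab" <<'EOF'
# constructed sample, Knoppix-style
/dev/sda1 /media/sda1 ntfs noauto,users,exec 0 0
/dev/sda2 /media/sda2 ext3 noauto,users,exec 0 0
/dev/hdc  /media/hdc  auto ro,noauto 0 0
EOF
cat > "$demo/mounts" <<'EOF'
/dev/sda1 /media/sda1 fuseblk rw,nosuid,nodev,allow_other 0 0
EOF
mkdir -p "$demo/vol/Documents"
echo sample > "$demo/vol/Documents/invoice.xxx"
echo clean  > "$demo/vol/Documents/notes.txt"

ntfs_entries "$demo/fstab"
mount_mode "$demo/mounts" /media/sda1
renamed_files "$demo/vol"
```

Saving the output of renamed_files next to malware.txt gives a hash for each renamed file that can be compared again after booting back into Windows.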