I found an alternative to using clamscan from knoppix, it requires an internet connection in this tutorial. For downloading Antivir.
1. With knoppix as your boot cd or dvd, Boot from CD/DVD.
2. At knoppix splash screen hit
3. Open a terminal window.Code:boot:<ENTER>
4. Get root/admin rights.
4a. Change directories.Code:sudo su<ENTER>
(I ommitted the above step, seems to work also)Code:cd /temp<ENTER>
5. Download Antivir.
6. Extract the downloaded tar file.Code:wget http://dl1.avgate.net/down/unix/packages/antivir-workstation-pers.tar.gz<ENTER>
7. Change directory.Code:tar xvpzf antivir-workstation-pers.tar.gz<ENTER>
To find this just scroll up to the downloaded process, version number should be visible. Tack this inplace of the parenthesis comment.Code:cd antivir-workstation-(whatever version # it is)
8. Install.
The period before the slash is important.Code:./install<ENTER>
9. Update Antivir.
10. Identify ntfs device.Code:antivir --update<ENTER>
Look for ntfs. You should see something like," /dev/hda1 /media/hda1" in the same line. My ntfs was sda1.Code:cat /etc/fstab<ENTER>
11. Mount ntfs drive.
If it works, your hard drive light will blink, showing you that you can access it.Code:ntfs-3g /dev/(your device) /media/(your device)<ENTER>
If not you may have to right clik the hard drive on the desktop an uncheck read only under properties. (I think.)
12. Choose scanning method.
The -ren will rename what it finds without deleting it, replacing the original extention with .xxx.Code:antivir -lang=EN -rfmalware.txt -r1 --allfiles --alltypes --scan-in-mbox -s -z -onefs -ren /media/(your device)/<ENTER>
The -rf will write a log to the file specified, in this case malware.txt. You can e-mail it to yourself before rebooting.
When you boot back into windows just search for .xxx and submit to Virus Total or Jotti.
13. When done, unmount ntfs.
14. RebootCode:umount /media/(your device)<ENTER>
This concludes the Scanning for Viruses with Knoppix on Windows NTFS Volumes using Antivir.
The original information can be found at the following address:
http://www.castlecops.com/postx185079-0-0.html post #9
If anyone has a method for any other anti-virus vendors, please document each action, as above, and post.
Sophos supports linux, Panda supports linux.
Please include if it does or does not use rename option.
I hope this helps,
Condor
HP ProLiant ML350 Gen 9 Server 64GB RAM 2.4GHz Xeon 12-Core E5-2667 v3
$300.00
Dell Poweredge R730xd 3.5 2x E5-2690 v3 2.6ghz 64gb H730 14x Trays 2x 1100w
$489.99
Dell Poweredge R630 2x Xeon E5-2680 v4 2.4ghz 28-Cores / 128gb / H330 / 2x 1TB
$279.99
1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE
$273.00
Dell PowerEdge R620 Server - 256GB RAM, 2x8cCPU, 120Gb SSD/3x900Gb SAS, Proxmox
$320.00
R630 DELL 8 x 2.5'' POWEREDGE 2X E5-2680V4 32GB RAM IDRAC ENT & NDC 2X 495W PSU
$172.95
Supermicro 6028U X10DRU-i+ 2x LGA2011v3 Xeon E5-2600v3/v4 2U Server CTO
$199.99
CEOhack 1U X9DRW-3TF+ 4 Bay Server 64GB DDR3 1x E5-2667 V2 3.30GHz 8C 1x 1TB HDD
$119.00
Supermicro 1U X11DPU 2x Xeon Gold 6132 2.6GHz / 128gb / 10x 2.5 Trays / 2x 750w
$649.99
R630 DELL OEM 10X2.5'' 2X E5-2660V3 32GB RAM 2X750W PSU SERVER POWEREDGE
$159.95