Antivirus Live CD is a 4MLinux fork including the ClamAV scanner. Both Ethernet (including Wi-Fi) and dial-up
(including fast USB modems) Internet connections are supported to
enable automatic updates of the virus signature database.
1) Boot your copy of Antivirus Live CD (or Antivirus LiveUSB):
2) Once it has booted, you can log in as 'root' using password 'root':
3) After executing 'help', you will see the following screen:
4) And after executing 'antivir', you will see this screen:
5) It is highly recommended to update virus databases:
NOTE:
If you need to configure your Internet connection, you should run the 'netconfig' script (the procedure is very similar to the one described here).
6) And finally, when the update process is over, you can start the ClamAV scanner:
NOTE:
Antivirus Live CD will check all your disks against viruses. This is possible because all partitions are mounted automatically during boot so that they can be scanned by ClamAV (the supported filesystems are: btrfs, ext2, ext3, ext4, f2fs, fat16, fat32, hfs, hfs+, jfs, nilfs2, ntfs, reiser4, reiserfs, and xfs).
7) AntivirusLivecd has Midnight Commander (file manager) and Links
(text-based web browser), which can be very helpful in some cases:
AntivirusLivecd is able to make a backup of your data (and to send it to a remote FTP/SFTP server if desired). Just try it yourself by
executing 'backup' and 'fsbackup' commands!
Good luck :-)
After checking all disks, ClamAV found infected files. Where do I find which files are infected? Where is the logfile stored?
ReplyDelete1) The newest Antivirus Live CD (5.1-0.97.7): infected files are automatically moved to the /var/clamav/infected directory.
Delete2) Older versions: you should execute "clamscan --help" to see all available options.
Hello, is there a way (in the latest version) to make a scan without taking any action? I would like to just have a report of the detected infected files, without deleting/moving/renaming them automatically. Thanks.
ReplyDeleteYou are not the first one who asks about that. Within 48 hours there will be a new release, which will allow AntivirusLiveCD user to decide what should be done with suspicious files. Normally, this should be quicker, but I am a little busy with my TheSSS now ;-)
DeleteDone! Antivirus Live CD 6.0-0.97.7-BIS will ask you what should be done with infected files.
DeleteIs this live CD compatible with 3 terabyte hard disks? I have two internal ones, formatted with GPT and NTFS. Thanks.
ReplyDeleteHello, it would be a nice feature to be able to scan just the selected hard disks, instead of always all of them.
ReplyDeleteJust run ClamAV manually:
Deleteclamscan file_to_scan
camscan -r folder_to_scan
What form of the way to the file? C:\Documents and Settings or C:\Documents and Settings\ is correct way?
DeleteNo, it isn't.
DeleteOpen Midnight Commander (by executing "mc"), select the files that you want scan (you can navigate using your mouse), press F2, choose "Do something on the current file", type "clamscan", and click on the OK button. You will have to wait a few seconds till antivirus is started.
Good luck :-)
One more remark. You will find your windows in the "mnt" directory.
DeleteCan I scan a folder or group of folders at once?
DeleteThank you for your answer.
You can select many files (or folders) using your right mouse button in Midnight Commander.
DeleteHi, nice tool, i would like to know if there is a way to use the antivirus ISO with YUMI. Of course i´ll ask YUMI team native support for your great/small distro. Thank you.
ReplyDeleteThanks :-) Unfortunately I have no experience with YUMI, so I cannot help you.
DeleteI have used the 4mlinux clamav live with YUMI. It works great. Just select the "try unlisted ISO" choice when selecting the ISO.
DeleteThanks for the feedback :-)
DeleteThis comment has been removed by the author.
DeleteA versão atualizada do YUMI já vem com ele na lista, melhor.
DeleteTrying to clean an old WinMe box (128mb ram) with version 6.0-0.97.8. After virus signatures update, I get this: libclamav error cl_load(); can't get status of /usr/local/share/clamav
ReplyDelete128 MB of RAM may be not enough...
DeleteThanks for your kind reply. Might an older version have a better chance of running properly?
DeleteOr, if you're aware of a similar live cd that might work, that info would be great!!
DeleteThe problem is that modern antiviruses have virus databases ca 50MB (or even more). This must be loaded to RAM (plus, of course, operating system itself).
Delete--------
If you have at least 1GB of a free disk space and you are familiar with Linux, you may try to install TheSSS to your hard disk drive (see the "Links" section at the top of this page). TheSSS is installed on http://server.4mlinux.com, which has only 128 MB of RAM, and the "antivir" command works flawlessly.
I read the page on TheSSS. Might it run live from cd?
DeleteThanks for your help! I may give the install a go.
ReplyDeleteI ran into a problem that the livecd hangs at a chang root password screen. Any ideas?
ReplyDeleteTry to run it with VESA framebuffer enabled
ReplyDeleteRunning AntivirusLiveCD 6.1-0.97.8 in a PC with 768MB of RAM, when I enter immediately after booting and logging in:
ReplyDelete# clamscan -r /mnt/sda3/home/richard/Documents/BCS
(which is a valid directory on one of my existing partitions) I get the error:
LibClamAV error: cl_load(): Can't get status of /usr/local/share/clamav.
Running:
# freshclam -v
before clamscan didn't help.
Any assistance would be greatly appreciated.
It looks that clamav cannot update its virus signature database (or this database is broken). Do you have a valid internet connection ? You can check it by executing (for example) "links google.com".
DeleteOne more remark. You have run antivirus "immediately after booting". You MUST allow clamav to update its virus signature database before running the scanner. Execute the "antivir" script. When the update process is over, you can interrupt this script by pressing CTRL+C.
DeleteThis is a very cool little tool.
ReplyDeleteWhile it's possible to use pretty much any live cd solution to scan media for viruses with clamav, AntiVirusLiveCD presents the process in a very clean and uncluttered environment, perfect to reasure those management-types that nothing is going to get worse than it already might be.
Could the author (i'm discovering 4MLinux here) put a wiki up for AntiVirusLiveCD? I have some documentation to contribute
Thanks for your nice comment.
DeletePS.
Unfortunately, I have no time to write Wiki now, but it may change in the future, so please let me know how I can contact you (my mail: 4mlinux at gmail.com).
Still hanging at change root password screen when I boot to this cd. I tried enabling VESA Frame buffer with default option (hit space instead of enter). I tried to boot with VESA frame buffer enabled and selected 800x600 graphics mode and any way I try it, it hangs at the change root password screen. I appreciate your work and would like to help troubleshoot, but I have a virus to eradicate... ;)
ReplyDeleteBefore trying the Live CD...
ReplyDeleteHas this software been tested with GPT 3TB disks?
Have file-system corruptions been reported, or they shouldn't happen?
No file-system corruptions have been reported yet.
DeleteThis is an odd question, I realize.
ReplyDeleteI made a boot disk of this at some point in the last year. I am trying to help a family member remotely run this, however I don't know which version she has.
When she runs, antivir, it never prompts for what to do with infected files. It just starts scanning. It then subsequently shows a summary, with 4 infected files.
Was there a command line switch prior? Or did older versions auto quarantine? I've tried to find older docs, but have been unsuccessful.
Thanks so much. Very nice product. Now if only I'd port forwarded ssh and there was an sshd, I'd be golden. ;)
Just download the latest version. It asks what should be done with suspicious files, and it has ssh client. Thanks for your nice words :-)
DeleteI wish I could, but I'm very remote and really the only option I happen to have is the version she's booting off of.
DeleteDo you have any suggestions about what older versions needed to execute the quarantine?
Thanks again.
For example:
Deleteclamscan -r --move=/tmp /mnt/sda1
This will scan all files in the /mnt/sda1 directory (this is usually Windows drive C), and move all suspicious files to the /tmp directory.
Note: AntivirusLiveCD is running in RAM disk, so you should replace /tmp with something else (if you do not loose moved files after reboot).
Good luck :-)
Ok, I have maybe an odd question: Is it possible to boot the live cd, update the signatures, then re-burn the live cd? I thought about using virtualbox somehow but I'm not sure how to create the iso image from the running system because I think its running in ram? can you dd a live system from ram to make a live distro? I'm just asking because sometimes it takes a while to update the signatures and if I could only do it once in a while it would be handy. It's an awesome tool by the way!
ReplyDeleteYour way of making a live CD won't work ;-)
DeleteTIP:
It is a good idea to interrupt the update process if it goes very slow. You can do by pressing CTRL+C. Then you can execute the "antivir" command again, and you will have a big chance to get connected to a faster mirror.
Here you are:
Deletehttp://linux.softpedia.com/progDownload/Antivirus-Live-CD-Download-88057.html
My linux runs usb modem sakis3g to ease internet conections but it just runs over a gtk environment...and now, how I upadate the app?
ReplyDeleteUse the "DB" release of Antivirus Live CD:
ReplyDeletehttp://sourceforge.net/projects/antiviruslivecd/files/
It works without an Internet connection.
Good luck!
Is it still possible to update the virus signatures for Antivirus Live CD offline/without an internet connection? The DB release does not appear to exist at this link.
DeleteSorry but i does not boot...I have used the antivirus.xxxxx.db.iso, it shows nothing
ReplyDeleteSo your hardware is either damaged, or totally incompatible with Antivirus Live CD.
DeleteOr he just copied the .iso file on the CD/USB instead of burning it as an image ;-)
DeleteMy machine has two disks, one has 100G/500G Linux Slackware-14 with ext2 fs, the other has OpenBSD (250GB) that has caused everything. Would it be necessary to remove OpenBSD from 250gb disk in order to your AntiVirus.xxx.db.iso work?
ReplyDeleteThe supported file systems are listed in the post above.
DeletePS.
Running 100 GB Slackware on ext2 partition is somewhat risky. Consider upgrading it to ext3/ext4
hello not let me enter a password on boot test three different teams and squeezed but not brand anything
ReplyDeleteIf I only knew what you are talking about ... If you wish you can send more details to 4mlinux@gmail.com, and you can do it in your native language ;-)
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteIt's a cool tool. I have installed it in my USB "bag of tricks" via YUMI. However, I am running into an update issue. I can connect to my wifi, and when I run antivir, it does not ask me for an update. I had to add a user 'clamav', and chown the /var/clamav to the clamav user, and then run freshclam to have it updated manually. Any idea what might be wrong in my setup? I did not change any files or anything.
ReplyDeleteI agree with you when you say that it's a cool tool! (Just kidding :-)
DeleteI have no experience with YUMI. Please try to use use UNetbootin instead.
Regards,
zk1234
Well I made it work for my purpose. I edit the initrd with a simple script, that automatically adds a user "clamav" with a standard password, chowns the dir /var/clamav and links /etc/freshclam.conf to /var/clamav/freshclam.conf. I added my script in the rcS file at the end to make it run at boot.
ReplyDeleteIt works for me. I cannot use UNetbootin, as my USB stick has several tools to boot from, each for different purposes. I have Hiren's bootcd, antivirus live cd, memtest, and two different live linux distributions, that I can choose from in a nice boot menu that I adapted to my needs. It took me a while to have it running, but it does what I want it to do now.
Well, this does seem to do the job, thanks....However, after logging-in, I was informed that the virus database was over seven days out-of-date; and went straight to scan - there was no option to allow the update to take place. I have rebooted several times all with the same result, any ideas, please?
ReplyDeleteI have issues with my b****y Windows disc (Linux Mint is my default) and after a five hour scan 19 infected files were detected, so I'd like to find them and avoid a complete re-install.
Many thanks,
David
You can force an update by executing the "freshclam --user=root" command.
DeleteGood luck :-)
Just download it and give a try =)
ReplyDeleteIt starts but antivirus give me a error message like the virus database is not fresh.
How to force the update ?
Good job, great (beta?) tool =)
The command freshclam ;-)
DeleteStrictly speaking "freshclam --user=root"
DeleteThanks ! I tried "freshclam" only and it did not work, so I considered that this command was off. I just tried freshclam --user=root and it worked =)
DeleteMaybe someone should write this on the FAQ ? I didn't find this on the blog :)
DeleteWhat should I do to make sure the Master Boot Record (MBR) has no virus?
ReplyDeleteNo such an option in AntivirusLiveCD.
ReplyDeleteI tried to create a USB boot using Windows UNetbootin, but doesn't worked. Only works using Linux UNetbootin with me. What could be?
ReplyDeleteI tried to use this nice live cd, it seems powerfull, but once booted and selected display type, i cannot insert any type such as login id and password. My usb keyboard seems died. On a Lenovo M73 pc desktop.
ReplyDeleteThanks for this unbelievable product.it is a first class prog and I used it today for the first time and it swipes the garbage from my pc away like nothing.
ReplyDeleteGREAT PRODUCT INDEED. MY COMPLIMENTS.
One question is it normal that it takes more than 12 hour's for scanning my harddrive and still going on. Data amount is probably around the 250 gigs on primary mbr and 9 gig recovery. Can you let me know if it's normal?well apriciate for your efforts for making this app. Makes my day perfect.
Cheers from a happy dude
Hi,
DeleteThat is normal, especially if you have many compressed archives.
Thanks for sharing such informative post on antivirus live CD.
ReplyDeleteAntivirus Live CD Detect Rootkit
ReplyDeleteHello, I tried but it hangs at password screen, try to type but the keys not responding, unfortunately I couldn't pass this step. I have to go to BIOS to extract de CD and reboot.
ReplyDeleteIs there any solution to this?
Thank you and greetings from Argentina.
Impossible to give you a short answer here.
DeleteIf you wish, you can ask this question here:
http://www.linuxquestions.org/questions/4mlinux-115/
Unplug the keyboard usb, then plug back in, when the green lights come back on your keyboard, try typing, if that does not work, use another keyboard.
DeleteMabey I'm a noob but I cann't seem to get it to work.
ReplyDeleteYou can use Unetbootin to create a usb stick. When I open Unetbootin and chose diskimage and then load the iso file and then chose oke. After it has run and I reboot the system it doesn't load from usb.
Also the usb isn't recognized as a bootable device, so I ges I dith somthing wrong at usb creation????????
I hope some one can give a step by step ore tell me what I dith wrong.
Thank you for your help
Ask here:
Deletehttp://www.linuxquestions.org/questions/4mlinux-115/
Thanks for sharing such informative post uggoutlet on antivirus live CD.
ReplyDeleteThank you for such great software, your software cleaned out what McAfee and almost ever other scanner on the market could not.
ReplyDeleteWould you be able to tell me what command I could type to have the results show me the location of the infected files as well as the infection type and how to enable logging to the C: drive. Thanks
Thank you very much for giving us to express our feeling and thoughts about above information. I think you will keep updating and changing these information time to time if there is need to change. revenue assurance audit delhi, company registration in delhi online , top 10 ca company in India, read more, business advisory consulting services in india, top accounting companies in india.
ReplyDeletecan this boot to uefi ? the usb won't boot in uefi
ReplyDeleteI get an error when it boots
ReplyDeleteNot enough memory to load specified image
boot:
Las Vegas Casinos and Resorts - Mapyro
ReplyDeleteMapyro is a 경기도 출장샵 directory of casinos located in 하남 출장샵 Las Vegas, NV. of the 세종특별자치 출장마사지 three hotels near the airport. 양주 출장안마 The hotel 대전광역 출장안마 also offers
I am using the software to scan for viruses on a windows drive, but the sata to usb adapter doesn't seem to be recognized by the software, either that or the software is not able to see all of the drives. I went to the /mnt folder and saw sda2 through sda5 using the mc command. But i have 5 physical drives including the usb drive that i use to house the antivirus software (used rufus to "burn" it onto the usb drive) and 8 (or more if you count the recovery partitions) partitions across those physical drives so you know that I'm missing some in the list. The sata to usb should not need any special drivers so i am unsure how to fix this so that i can scan specifically the sata drive on the usb adapter. Any ideas? By the way i am using a laptop that does not have any more room for any more drives so i cannot just insert them into the pc to scan them
ReplyDeleteThank you for sharing this useful information. Do you know Antivirus is really necessary if you want to keep your Computer, laptop, phone, or another electronic device that comes enabled with webcams are safe. If you want to know about antivirus follow our blog, and here is our latest blog:- What is Virus Signature.
ReplyDeleteyou are absolutely welcome! Love your blog and posts!
ReplyDeletePrivate Equity Funding
Thanks for the informative and helpful post, obviously in your blog everything is good.
ReplyDeleteForeign Company Registration in India
Excellent blog.Very helpful
ReplyDeletehttps://ezybizindia.in/subsidiary-company-registration/
wow that was so good I really loved the information thanks
ReplyDeleteDigital Marketing Agency in Hyderabad