



Tuesday, February 5, 2013

Antivirus Live CD

Antivirus Live CD is a 4MLinux fork including the ClamAV scanner. Both Ethernet (including Wi-Fi) and dial-up (including fast USB modems) Internet connections are supported to enable automatic updates of the virus signature database.

Note: Antivirus Live CD boots in the same way as 4MLinux does (this was described here).


1) Boot your copy of Antivirus Live CD (or Antivirus LiveUSB):

 


2) After executing 'help', you will see the following screen:

 


3) You can now run the 'antivir' command. An automatic update of the virus signature database will start:


NOTE: if you need to configure your Internet connection, you should run the 'netconfig' script (the procedure is very similar to the one described here).


4) When the update process is over, the ClamAV scanner will be started:



NOTE: Antivirus Live CD will check all your disks for viruses. This is possible because all partitions are mounted automatically during boot so that they can be scanned by ClamAV (the supported filesystems are: btrfs, ext2, ext3, ext4, FAT, HFS, HFS+, jfs, Minix, NTFS, ReiserFS, and XFS).


5) Antivirus Live CD includes Midnight Commander (file manager) and Links (text-based web browser), which can be very helpful in some cases:

  

  

NOTE: Antivirus Live CD is also able to make a backup of your data (and to send it to a remote FTP server if desired). Just try it yourself by executing the 'backup' and 'fsbackup' commands!

Technically speaking, Antivirus Live CD is an extremely small Linux-based operating system (only about 17-18 MB in size), which was designed to act as a platform-independent antivirus tool, meaning that it can be used by Linux, Windows and Mac users.

Good luck :-)

19 comments:

  1. After checking all disks, ClamAV found infected files. Where do I find which files are infected? Where is the logfile stored?

    Replies
    1. 1) The newest Antivirus Live CD (5.1-0.97.7): infected files are automatically moved to the /var/clamav/infected directory.

      2) Older versions: you should execute "clamscan --help" to see all available options.

  2. Hello, is there a way (in the latest version) to make a scan without taking any action? I would like to just have a report of the detected infected files, without deleting/moving/renaming them automatically. Thanks.

    Replies
    1. You are not the first one who asks about that. Within 48 hours there will be a new release, which will allow the AntivirusLiveCD user to decide what should be done with suspicious files. Normally, this should be quicker, but I am a little busy with my TheSSS now ;-)

    2. Done! Antivirus Live CD 6.0-0.97.7-BIS will ask you what should be done with infected files.

  3. Is this live CD compatible with 3 terabyte hard disks? I have two internal ones, formatted with GPT and NTFS. Thanks.

  4. Hello, it would be a nice feature to be able to scan just the selected hard disks, instead of always all of them.

    Replies
    1. Just run ClamAV manually:

      clamscan file_to_scan
      clamscan -r folder_to_scan

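The manual scan from the reply above, extended into a report-only run over chosen paths with a log that can be reviewed afterwards. This is an added example, not part of the original thread or of Antivirus Live CD's own scripts; the function names and the sample log are constructed for illustration, while `-r`, `-i` and `--log` are standard clamscan options.

```shell
#!/bin/sh
# Added example: report-only ClamAV scan of selected paths.
# scan_report, list_infected and write_sample_log are hypothetical names.

# Scan the given paths recursively and only report. No --move, --copy or
# --remove is passed, so detected files stay where they are.
# clamscan exit status: 0 = clean, 1 = infected file(s) found, 2 = error.
scan_report() {
    log=$1; shift
    rc=0
    clamscan -r -i --log="$log" "$@" || rc=$?
    case $rc in
        0) echo "clean: nothing detected" ;;
        1) echo "detections recorded in $log" ;;
        *) echo "clamscan error (exit $rc), scan incomplete" >&2 ;;
    esac
    return "$rc"
}

# Print the path of every detection in a clamscan log. Detection lines
# read "<path>: <signature> FOUND"; the greedy match keeps paths that
# themselves contain spaces or ": ".
list_infected() {
    sed -n 's/^\(.*\): [^ ][^ ]* FOUND$/\1/p' "$1"
}

# Constructed sample log (not output from a real scan), for trying
# list_infected without ClamAV installed.
write_sample_log() {
    cat > "$1" <<'EOF'
/mnt/sda1/Documents/invoice.doc: Eicar-Test-Signature FOUND
/mnt/sda1/My Files/setup: old.exe: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

# Usage: sh scan_report.sh LOGFILE PATH...  (runs only when arguments are given)
if [ "$#" -ge 2 ]; then
    rc=0
    scan_report "$@" || rc=$?
    list_infected "$1"
    exit "$rc"
fi
```

Treat exit status 2 as an incomplete scan rather than a clean one, and write the log somewhere that survives a reboot of the live system if the report is needed later.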
  5. Hi, nice tool, I would like to know if there is a way to use the antivirus ISO with YUMI. Of course I'll ask the YUMI team for native support for your great/small distro. Thank you.

    Replies
    1. Thanks :-) Unfortunately I have no experience with YUMI, so I cannot help you.

  6. Trying to clean an old WinMe box (128mb ram) with version 6.0-0.97.8. After virus signatures update, I get this: libclamav error cl_load(); can't get status of /usr/local/share/clamav

    Replies
    1. 128 MB of RAM may not be enough...

    2. Thanks for your kind reply. Might an older version have a better chance of running properly?

    3. Or, if you're aware of a similar live cd that might work, that info would be great!!

    4. The problem is that modern antiviruses have virus databases of ca. 50 MB (or even more). This must be loaded into RAM (plus, of course, the operating system itself).
      --------

      If you have at least 1 GB of free disk space and you are familiar with Linux, you may try to install TheSSS to your hard disk drive (see the "Links" section at the top of this page). TheSSS is installed on http://server.4mlinux.com, which has only 128 MB of RAM, and the "antivir" command works flawlessly.

    5. I read the page on TheSSS. Might it run live from cd?

  7. Thanks for your help! I may give the install a go.

  8. I ran into a problem that the livecd hangs at a change root password screen. Any ideas?

  9. Try to run it with VESA framebuffer enabled
