Antivirus Live CD is a 4MLinux fork including the ClamAV scanner. Both Ethernet (including Wi-Fi) and dial-up (including fast USB modems) Internet connections are supported to enable automatic updates of the virus signature database.
1) Boot your copy of Antivirus Live CD (or Antivirus LiveUSB):
2) Once it has booted, you can log in as 'root' using password 'root':
3) After executing 'help', you will see the following screen:
4) And after executing 'antivir', you will see this screen:
5) It is highly recommended to update virus databases:
If you need to configure your Internet connection, you should run the 'netconfig' script (the procedure is very similar to the one described here).
6) And finally, when the update process is over, you can start the ClamAV scanner:
Antivirus Live CD will check all your disks against viruses. This is possible because all partitions are mounted automatically during boot so that they can be scanned by ClamAV (the supported filesystems are: btrfs, ext2, ext3, ext4, f2fs, fat16, fat32, hfs, hfs+, jfs, nilfs2, ntfs, reiser4, reiserfs, and xfs).
7) AntivirusLivecd has Midnight Commander (file manager) and Links (text-based web browser), which can be very helpful in some cases:
AntivirusLivecd is able to make a backup of your data (and to send it to a remote FTP/SFTP server if desired). Just try it yourself by executing 'backup' and 'fsbackup' commands!
Good luck :-)
After checking all disks, ClamAV found infected files. Where do I find which files are infected? Where is the logfile stored?ReplyDelete
1) The newest Antivirus Live CD (5.1-0.97.7): infected files are automatically moved to the /var/clamav/infected directory.Delete
2) Older versions: you should execute "clamscan --help" to see all available options.
Hello, is there a way (in the latest version) to make a scan without taking any action? I would like to just have a report of the detected infected files, without deleting/moving/renaming them automatically. Thanks.ReplyDelete
You are not the first one who asks about that. Within 48 hours there will be a new release, which will allow AntivirusLiveCD user to decide what should be done with suspicious files. Normally, this should be quicker, but I am a little busy with my TheSSS now ;-)Delete
Done! Antivirus Live CD 6.0-0.97.7-BIS will ask you what should be done with infected files.Delete
Is this live CD compatible with 3 terabyte hard disks? I have two internal ones, formatted with GPT and NTFS. Thanks.ReplyDelete
Hello, it would be a nice feature to be able to scan just the selected hard disks, instead of always all of them.ReplyDelete
Just run ClamAV manually:Delete
camscan -r folder_to_scan
What form of the way to the file? C:\Documents and Settings or C:\Documents and Settings\ is correct way?Delete
No, it isn't.Delete
Open Midnight Commander (by executing "mc"), select the files that you want scan (you can navigate using your mouse), press F2, choose "Do something on the current file", type "clamscan", and click on the OK button. You will have to wait a few seconds till antivirus is started.
Good luck :-)
One more remark. You will find your windows in the "mnt" directory.Delete
Can I scan a folder or group of folders at once?Delete
Thank you for your answer.
You can select many files (or folders) using your right mouse button in Midnight Commander.Delete
Hi, nice tool, i would like to know if there is a way to use the antivirus ISO with YUMI. Of course i´ll ask YUMI team native support for your great/small distro. Thank you.ReplyDelete
Thanks :-) Unfortunately I have no experience with YUMI, so I cannot help you.Delete
I have used the 4mlinux clamav live with YUMI. It works great. Just select the "try unlisted ISO" choice when selecting the ISO.Delete
Thanks for the feedback :-)Delete
This comment has been removed by the author.Delete
A versão atualizada do YUMI já vem com ele na lista, melhor.Delete
Trying to clean an old WinMe box (128mb ram) with version 6.0-0.97.8. After virus signatures update, I get this: libclamav error cl_load(); can't get status of /usr/local/share/clamavReplyDelete
128 MB of RAM may be not enough...Delete
Thanks for your kind reply. Might an older version have a better chance of running properly?Delete
Or, if you're aware of a similar live cd that might work, that info would be great!!Delete
The problem is that modern antiviruses have virus databases ca 50MB (or even more). This must be loaded to RAM (plus, of course, operating system itself).Delete
If you have at least 1GB of a free disk space and you are familiar with Linux, you may try to install TheSSS to your hard disk drive (see the "Links" section at the top of this page). TheSSS is installed on http://server.4mlinux.com, which has only 128 MB of RAM, and the "antivir" command works flawlessly.
I read the page on TheSSS. Might it run live from cd?Delete
Thanks for your help! I may give the install a go.ReplyDelete
I ran into a problem that the livecd hangs at a chang root password screen. Any ideas?ReplyDelete
Try to run it with VESA framebuffer enabledReplyDelete
Running AntivirusLiveCD 6.1-0.97.8 in a PC with 768MB of RAM, when I enter immediately after booting and logging in:ReplyDelete
# clamscan -r /mnt/sda3/home/richard/Documents/BCS
(which is a valid directory on one of my existing partitions) I get the error:
LibClamAV error: cl_load(): Can't get status of /usr/local/share/clamav.
# freshclam -v
before clamscan didn't help.
Any assistance would be greatly appreciated.
It looks that clamav cannot update its virus signature database (or this database is broken). Do you have a valid internet connection ? You can check it by executing (for example) "links google.com".Delete
One more remark. You have run antivirus "immediately after booting". You MUST allow clamav to update its virus signature database before running the scanner. Execute the "antivir" script. When the update process is over, you can interrupt this script by pressing CTRL+C.Delete
This is a very cool little tool.ReplyDelete
While it's possible to use pretty much any live cd solution to scan media for viruses with clamav, AntiVirusLiveCD presents the process in a very clean and uncluttered environment, perfect to reasure those management-types that nothing is going to get worse than it already might be.
Could the author (i'm discovering 4MLinux here) put a wiki up for AntiVirusLiveCD? I have some documentation to contribute
Thanks for your nice comment.Delete
Unfortunately, I have no time to write Wiki now, but it may change in the future, so please let me know how I can contact you (my mail: 4mlinux at gmail.com).
Still hanging at change root password screen when I boot to this cd. I tried enabling VESA Frame buffer with default option (hit space instead of enter). I tried to boot with VESA frame buffer enabled and selected 800x600 graphics mode and any way I try it, it hangs at the change root password screen. I appreciate your work and would like to help troubleshoot, but I have a virus to eradicate... ;)ReplyDelete
Before trying the Live CD...ReplyDelete
Has this software been tested with GPT 3TB disks?
Have file-system corruptions been reported, or they shouldn't happen?
No file-system corruptions have been reported yet.Delete
This is an odd question, I realize.ReplyDelete
I made a boot disk of this at some point in the last year. I am trying to help a family member remotely run this, however I don't know which version she has.
When she runs, antivir, it never prompts for what to do with infected files. It just starts scanning. It then subsequently shows a summary, with 4 infected files.
Was there a command line switch prior? Or did older versions auto quarantine? I've tried to find older docs, but have been unsuccessful.
Thanks so much. Very nice product. Now if only I'd port forwarded ssh and there was an sshd, I'd be golden. ;)
Just download the latest version. It asks what should be done with suspicious files, and it has ssh client. Thanks for your nice words :-)Delete
I wish I could, but I'm very remote and really the only option I happen to have is the version she's booting off of.Delete
Do you have any suggestions about what older versions needed to execute the quarantine?
clamscan -r --move=/tmp /mnt/sda1
This will scan all files in the /mnt/sda1 directory (this is usually Windows drive C), and move all suspicious files to the /tmp directory.
Note: AntivirusLiveCD is running in RAM disk, so you should replace /tmp with something else (if you do not loose moved files after reboot).
Good luck :-)
Ok, I have maybe an odd question: Is it possible to boot the live cd, update the signatures, then re-burn the live cd? I thought about using virtualbox somehow but I'm not sure how to create the iso image from the running system because I think its running in ram? can you dd a live system from ram to make a live distro? I'm just asking because sometimes it takes a while to update the signatures and if I could only do it once in a while it would be handy. It's an awesome tool by the way!ReplyDelete
Your way of making a live CD won't work ;-)Delete
It is a good idea to interrupt the update process if it goes very slow. You can do by pressing CTRL+C. Then you can execute the "antivir" command again, and you will have a big chance to get connected to a faster mirror.
Here you are:Delete
My linux runs usb modem sakis3g to ease internet conections but it just runs over a gtk environment...and now, how I upadate the app?ReplyDelete
Use the "DB" release of Antivirus Live CD:ReplyDelete
It works without an Internet connection.
Is it still possible to update the virus signatures for Antivirus Live CD offline/without an internet connection? The DB release does not appear to exist at this link.Delete
Sorry but i does not boot...I have used the antivirus.xxxxx.db.iso, it shows nothingReplyDelete
So your hardware is either damaged, or totally incompatible with Antivirus Live CD.Delete
Or he just copied the .iso file on the CD/USB instead of burning it as an image ;-)Delete
My machine has two disks, one has 100G/500G Linux Slackware-14 with ext2 fs, the other has OpenBSD (250GB) that has caused everything. Would it be necessary to remove OpenBSD from 250gb disk in order to your AntiVirus.xxx.db.iso work?ReplyDelete
The supported file systems are listed in the post above.Delete
Running 100 GB Slackware on ext2 partition is somewhat risky. Consider upgrading it to ext3/ext4
hello not let me enter a password on boot test three different teams and squeezed but not brand anythingReplyDelete
If I only knew what you are talking about ... If you wish you can send more details to email@example.com, and you can do it in your native language ;-)ReplyDelete
This comment has been removed by the author.ReplyDelete
It's a cool tool. I have installed it in my USB "bag of tricks" via YUMI. However, I am running into an update issue. I can connect to my wifi, and when I run antivir, it does not ask me for an update. I had to add a user 'clamav', and chown the /var/clamav to the clamav user, and then run freshclam to have it updated manually. Any idea what might be wrong in my setup? I did not change any files or anything.ReplyDelete
I agree with you when you say that it's a cool tool! (Just kidding :-)Delete
I have no experience with YUMI. Please try to use use UNetbootin instead.
Well I made it work for my purpose. I edit the initrd with a simple script, that automatically adds a user "clamav" with a standard password, chowns the dir /var/clamav and links /etc/freshclam.conf to /var/clamav/freshclam.conf. I added my script in the rcS file at the end to make it run at boot.ReplyDelete
It works for me. I cannot use UNetbootin, as my USB stick has several tools to boot from, each for different purposes. I have Hiren's bootcd, antivirus live cd, memtest, and two different live linux distributions, that I can choose from in a nice boot menu that I adapted to my needs. It took me a while to have it running, but it does what I want it to do now.
Well, this does seem to do the job, thanks....However, after logging-in, I was informed that the virus database was over seven days out-of-date; and went straight to scan - there was no option to allow the update to take place. I have rebooted several times all with the same result, any ideas, please?ReplyDelete
I have issues with my b****y Windows disc (Linux Mint is my default) and after a five hour scan 19 infected files were detected, so I'd like to find them and avoid a complete re-install.
You can force an update by executing the "freshclam --user=root" command.Delete
Good luck :-)
Just download it and give a try =)ReplyDelete
It starts but antivirus give me a error message like the virus database is not fresh.
How to force the update ?
Good job, great (beta?) tool =)
The command freshclam ;-)Delete
Strictly speaking "freshclam --user=root"Delete
Thanks ! I tried "freshclam" only and it did not work, so I considered that this command was off. I just tried freshclam --user=root and it worked =)Delete
Maybe someone should write this on the FAQ ? I didn't find this on the blog :)Delete
What should I do to make sure the Master Boot Record (MBR) has no virus?ReplyDelete
No such an option in AntivirusLiveCD.ReplyDelete
I tried to create a USB boot using Windows UNetbootin, but doesn't worked. Only works using Linux UNetbootin with me. What could be?ReplyDelete
Ask this question here:Delete
I tried to use this nice live cd, it seems powerfull, but once booted and selected display type, i cannot insert any type such as login id and password. My usb keyboard seems died. On a Lenovo M73 pc desktop.ReplyDelete
Thanks for this unbelievable product.it is a first class prog and I used it today for the first time and it swipes the garbage from my pc away like nothing.ReplyDelete
GREAT PRODUCT INDEED. MY COMPLIMENTS.
One question is it normal that it takes more than 12 hour's for scanning my harddrive and still going on. Data amount is probably around the 250 gigs on primary mbr and 9 gig recovery. Can you let me know if it's normal?well apriciate for your efforts for making this app. Makes my day perfect.
Cheers from a happy dude
That is normal, especially if you have many compressed archives.
Thanks for sharing such informative post on antivirus live CD.ReplyDelete
Antivirus Live CD Detect RootkitReplyDelete
Hello, I tried but it hangs at password screen, try to type but the keys not responding, unfortunately I couldn't pass this step. I have to go to BIOS to extract de CD and reboot.ReplyDelete
Is there any solution to this?
Thank you and greetings from Argentina.
Impossible to give you a short answer here.Delete
If you wish, you can ask this question here:
Unplug the keyboard usb, then plug back in, when the green lights come back on your keyboard, try typing, if that does not work, use another keyboard.Delete
Mabey I'm a noob but I cann't seem to get it to work.ReplyDelete
You can use Unetbootin to create a usb stick. When I open Unetbootin and chose diskimage and then load the iso file and then chose oke. After it has run and I reboot the system it doesn't load from usb.
Also the usb isn't recognized as a bootable device, so I ges I dith somthing wrong at usb creation????????
I hope some one can give a step by step ore tell me what I dith wrong.
Thank you for your help
Thanks for sharing such informative post uggoutlet on antivirus live CD.ReplyDelete
Thank you for such great software, your software cleaned out what McAfee and almost ever other scanner on the market could not.ReplyDelete
Would you be able to tell me what command I could type to have the results show me the location of the infected files as well as the infection type and how to enable logging to the C: drive. Thanks
Thank you very much for giving us to express our feeling and thoughts about above information. I think you will keep updating and changing these information time to time if there is need to change. revenue assurance audit delhi, company registration in delhi online , top 10 ca company in India, read more, business advisory consulting services in india, top accounting companies in india.ReplyDelete
can this boot to uefi ? the usb won't boot in uefiReplyDelete
I get an error when it bootsReplyDelete
Not enough memory to load specified image
Las Vegas Casinos and Resorts - MapyroReplyDelete
Mapyro is a 경기도 출장샵 directory of casinos located in 하남 출장샵 Las Vegas, NV. of the 세종특별자치 출장마사지 three hotels near the airport. 양주 출장안마 The hotel 대전광역 출장안마 also offers
I am using the software to scan for viruses on a windows drive, but the sata to usb adapter doesn't seem to be recognized by the software, either that or the software is not able to see all of the drives. I went to the /mnt folder and saw sda2 through sda5 using the mc command. But i have 5 physical drives including the usb drive that i use to house the antivirus software (used rufus to "burn" it onto the usb drive) and 8 (or more if you count the recovery partitions) partitions across those physical drives so you know that I'm missing some in the list. The sata to usb should not need any special drivers so i am unsure how to fix this so that i can scan specifically the sata drive on the usb adapter. Any ideas? By the way i am using a laptop that does not have any more room for any more drives so i cannot just insert them into the pc to scan themReplyDelete
Thank you for sharing this useful information. Do you know Antivirus is really necessary if you want to keep your Computer, laptop, phone, or another electronic device that comes enabled with webcams are safe. If you want to know about antivirus follow our blog, and here is our latest blog:- What is Virus Signature.ReplyDelete
you are absolutely welcome! Love your blog and posts!ReplyDelete
Private Equity Funding
Thanks for the informative and helpful post, obviously in your blog everything is good.ReplyDelete
Foreign Company Registration in India
Excellent blog.Very helpfulReplyDelete