VSIDO Community

VSIDO Support => Scripts and How To's => How To's => Topic started by: VastOne on August 21, 2013, 02:18:41 PM

Title: How To - Use ClamAV and ClamTK from a VSIDO LiveCD
Post by: VastOne on August 21, 2013, 02:18:41 PM
This How To is for those of us who have so many friends and relatives that bring us their Windows machines to clean it up from virus attacks

As many of you know, running a Windows machine with any commercial virus protection is not always effective as they are just as much of a target

ClamAV is a native Linux AV program that can scan a Windows drive from a LiveCD session, which is the preferred method

To use ClamAV with a VSIDO LiveCD is easy and effective.  You can use this to clean the machine and show off VSIDO at the same time

Step 1:  Have a VSIDO bootable CD/DVD or USB prepared and boot the machine to VSIDO LiveCD

Step 2: From terminal run the following:

sudo apt-get update

sudo apt-get install clamav


Step 3 - Open up SpaceFM and from the menu File select Root Window.  This will open up a Root Window of the drive and you can access everything from there. Select the ntfs partition and then from Menu, select Root Terminal.  This will open that drive into a root terminal

Step 4 - From that Root Terminal run

freshclam

clamscan -l avlog.txt -r -i


This starts ClamAV and downloads the latest virus signatures and then tells ClamAV to run recursively and log only infected files to the file avlog.txt.  It is a good practice to delete the files but renaming them would be just as good.  This way if they were false positives they could be retrieved

You can also install ClamTK, which is a GUI frontend to ClamAV

sudo apt-get install clamtk

ClamTK will find and quarantine the viruses as it scans

The scan will take a while ( I just scanned 30,000 directories and 183,000 files in 83 minutes), so while it is happening you have time to tell your friends and family why VSIDO is a better choice