Ok, here is what I did to scan my Windows PC with a Ubuntu CE Live CD. I wrote it out in a way that you can take it and include it in directions or something like that if you would like. Modify it if you see anything that needs changing. Really nice benefit to Ubuntu CE.
1. Boot into Ubuntu CE (I used dapper because that is the disk I had handy, I'm about 90% sure Edgy would be the same, and a little better because the ClamAv Engine will be more up-to-date)
2. Open Terminal type paste This will let you know what partitions are there.
Note: If you have more than one partition you want to scan then you are going to need to make 2 or three directories, depending on what you want to scan.
3. Now in the terminal
You can really use whatever you want for the sda2 part. I always like to use the hard drive name. Anything red from here on out you may need to adjust.
sudo mkdir /media/sda2
4. Next in the good old terminal
this is all I did and it mounted my NTFS partition. Note: Also if you have more than one, you will need to mount them all.
sudo mount /dev/sda2 /media/sda2
Note: If the Live CD didn't automatically detect and setup your Network connection, you will need to make sure it works before updating ClamAv. It set mine up for DHCP, which my network doesn't like, so I went and placed the IP address in to make it work better.
5. Now we need to update ClamAv with the latest virus info. Again in the terminal the -v is the verbose mode, I like to know what is going on.
6. Now we are going to scan the drive or drives. I don't trust ClamAv to just go ripping files out of where they belong, so we are just going to log all the info, and you will need to go back and manually remove anything that doesn't belong. Again in the good old terminal
Some of the options you can adjust as you prefer. If in doubt type and check out the options. Here are the ones that I use:
sudo clamscan -rvi --no-mail -l /home/ubuntu/Desktop/clamav.log /media/sda1
r - Recursive
v - Verbose (again because I like to know what it is doing)
i - only log the infected files
--no-mail - should keep you out of the mail boxes to avoid messing up your mail client
-l - is the log file and tells it where to log it to, ours logs it on the Desktop for easy retreival
7. Ok, I let mine run all night long, and was still going, so save ample amount of time to run this (of course it depends on the speed of the machine, and the size of the partition being scanned.) Now open the log file and you can see what was labeled as a virus, or problematic file. If you see anything that you think is a real virus you can go and delete it in the terminal using the
Use this at your own risk, it is not reversible be very careful removing files. Mine turned up three false positives two were large zip files that were too large to be scanned, and one is an old Win 98 program that I'm sure is not problematic. It didn't call them viruses, but did give some warning about them. If you have an over abundance of viruses you probably need to completely re-format your computer and your MBR to overwrite any viruses. Backup any data that is not virus infected and re-install your OS.
sudo rm /path/to/the/virus/VirusName