How can I perform a virus scan of my Windows install from Linux?

Here's a low-sanity approach that has the advantage of not installing resident protection on Linux in the process:

1. Install clamav from whatever software packaging solution your distribution uses. For Ubuntu:

   apt-get install clamav
   

2. Mount and locate the Windows partition. If you use Ubuntu, open the Home folder and pick the relevant partition from the Devices list. From the Go menu, pick Location. The address bar turns into an editable field. Copy the contents of this field into the clipboard.

3. Open two windows of the terminal (yes - don't worry).

4. In one, type cd, paste in the mount point (right click, paste or ctrl-shift-v), hit enter. When that's done, run this:

   clamscan -ir .
   

   -r instructs clamscan to search subdirectories. -i instructs clamscan not to drown the seven lines about infected files into four hundred thousand lines about OK files (happens).

   However, that gives you no progress information, so let's fix that.

5. In the latter console window, or in a new tab, or something, paste in the following incantation in order to see what file is currently being scanned:

   watch "lsof -Fn -p `pidof clamscan` | grep ^n\/[^tpdul] | cut -c1 --complement | tail -n1"
   

   _{WTF is that? Basically: watch tells the system to run the command in quotes every few seconds. The command in quotes is split by the |s in a few parts. The first gets us the list of files clamscan has opened and a few other things. The second cuts the other things out (including irrelevant files in /tmp, /proc, /dev, /usr, /lib). The third cleans up. The fourth only shows you the file opened the latest. Don't worry about it too much.}

6. Take the results with a grain of salt. ClamAV seems to prefer reporting infections when in doubt. virscan.org is a thing that exists.

7. Google the name of the viruses and take action.