SOLUTION 1 - CLAMSCAN
OK, I plowed through the ClamAV manual, coupled with my previous experience setting up cron.daily file backups, and figured out how to implement a cron.daily process that will perform a nightly full system scan of both my Linux machines (one nfs mounted to the other), and the Windows smbfs mount points, as well as the Terastation smbfs mounted user share mount point. I intentionally excluded my Terastation protected backup share, since that directory contains large backup files and large bare metal disk images.
I downloaded the eicar.txt test signature file (http://www.eicar.org/anti_virus_test_file.htm) and confirmed that the Linux clamscan will detect the test signature file on a Windows smbfs mounted path. The eicar.txt signature is just that, a plain ASCII file. I do not know for sure if it would detect a binary file or not. Perhaps someone else would know.
QUESTION 2 - EVENT LOGS
Still looking for a recommendation on how to get Linux to pull the Windows SecEvent.evt event log and figure out how to automatically convert the file to an ASCII file that I can easily parse down to only the significant events and/or use Linux tools to process/interpret.
EDIT: FYI, if you are manually downloading ClamAV signature files and burning them to a CD using a Windows PC, make sure to ZIP the files beforehand, otherwise some file information will be lost and the signature files will not work on a Linux machine. You can thank Bill Gates for that one.
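
The kind of nightly cron.daily scan described in the post, as an added example rather than the poster's own script: the excluded share path, log file and script name are assumptions. It relies on clamscan's documented exit codes (0 = no virus found, 1 = virus found, 2 = error) so that a detection on a mounted share is reported instead of being buried in the log.

```shell
#!/bin/sh
# Added example: install as /etc/cron.daily/clamav-nightly (hypothetical name).
# All paths below are assumptions; adjust them to the local mount layout.

SCAN_PATHS="/"                                  # nfs/smbfs mounts under / are included
EXCLUDE_DIRS="/proc /sys /dev /mnt/terastation/backup"   # backup share path is assumed
LOG="/var/log/clamav/nightly-scan.log"          # assumed log location

# Turn a space-separated list of directories into anchored --exclude-dir
# options. clamscan treats the value as a regex, so the paths must not
# contain regex metacharacters (the ones above do not).
exclude_opts() {
    for d in $1; do
        printf '%s ' "--exclude-dir=^$d"
    done
}

# Map clamscan's exit code to a status word.
describe_rc() {
    case "$1" in
        0) echo "clean" ;;
        1) echo "infected" ;;
        *) echo "error" ;;
    esac
}

nightly_scan() {
    # Word splitting of the option list and scan paths is intended here.
    clamscan --recursive --infected --cross-fs=yes \
        $(exclude_opts "$EXCLUDE_DIRS") --log="$LOG" $SCAN_PATHS
    rc=$?
    status=$(describe_rc "$rc")
    # Send anything other than a clean run to syslog so it gets noticed.
    [ "$status" = "clean" ] || \
        logger -t clamav-nightly "scan result: $status (rc=$rc), see $LOG"
    return "$rc"
}

# run-parts invokes the script by its cron.daily path with no arguments;
# start the scan only in that case so the file can be sourced safely.
case "$0" in
    */cron.daily/*) nightly_scan ;;
esac
```

Dropping the EICAR test file onto each mounted share and running the script once by hand confirms both the mount coverage and the syslog alert.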