Tuesday, March 2, 2010

How to Create an Ubuntu-based Bootable USB Anti-virus Rescue Kit to Scan a Windows Drive

One thing I like about Linux is its versatility. It has no hardware restriction, unlike other operating systems. So versatile, in fact, that you can even install the whole system on a bootable USB flash drive.

One advantage of having a bootable Linux anti-virus rescue USB is that you can scan a malware-infested drive without booting into your native operating system. You can just boot from the flashdrive and scan the drive from there.

Step 1.   Create the Ubuntu Live USB.
Download Ubuntu ISO from here
Create the Ubuntu Live USB (from Windows)
Create the Ubuntu Live USB (from an Ubuntu Live CD)
Create the Ubuntu Live USB (Ubuntu Startup Disk Creator with screenshots)

Step 2.   Boot from your Ubuntu Live USB.

Step 3.   Open Mozilla Firefox and download Avira AntiVir Personal - FREE Antivirus for Linux.
Download Avira binary
Download License file for Avira

Step 4.   If the downloaded Avira tar file location is not in your /home/ubuntu (~/) folder, copy or move the file (together with the license file - hbedv.key) into that folder (for easier installation).

Step 5.   Extract the tar file by double-clicking (GUI) or using the terminal.
Launch the Terminal (Applications->Accessories->Terminal)
Extract the tar file "tar xvpzf antivir_workstation-pers.tar.gz"
You /home/ubuntu folder, after extraction, should contain the Avira installer

Step 6.   Using the Terminal, change current directory into the Avira installer folder/directory. "cd antivir-workstation-pers-"

Step 7.   Install Avira (follow on-screen instructions, but answer "n" when it prompts you to install dazukofs). "sudo ./install"

Step 8.   Change location to your /home/ubuntu directory ("cd ~/") and copy the license file to /usr/lib/AntiVir directory. "sudo cp hbedv.key /usr/lib/AntiVir"

Step 9.   Start avguard ("sudo avguard start"), then update the virus database (may take a while). "sudo /usr/lib/AntiVir/guard/avupdate --product=Guard"

Step 10.  Mount the drives you want to scan and run Avira with the following options. "sudo avscan --scan-mode=all -e -del /media". This will scan all files, try to repair the infected ones, and delete the ones it could not repair. Read the manual for more info (/home/ubuntu/antivir-workstation-pers-
Other advantages of using the Live USB:
- Recover or access data from a drive with corrupted operating system.
- Recover a damaged partition table.
- Resize or repartition a drive.
- Boot onto other computers that may be unsecure, unsafe, or may have virus/malware.
- Avoid keyloggers or other programs designed to steal information when logging into your important accounts such as a bank account.
- Diagnose various computer problems such as hardware and software issues.
- many more...

* Post updated to reflect latest Avira version (antivir-workstation-pers- as of July 28, 2010

0 comments so far:

Talk to Memnoch (A.I.)