Tuesday, December 21, 2010
Anu
Viruses. They happen to almost everyone. If they don’t happen toyou, it’ll be your cousin Stan who get joins the malware-of-the-monthclub, and you’re the only person he knows who can fix a computer. Theproblem is, things are so screwed up that Windowswon’t even start properly. And if it does, the virus has embeddeditself so deeply that you can’t access the files and tools you’d needto remove it. Enter Linux. By booting from a Linux Live CD or USB, youcan remove the offending programs manually or with a Linux-basedanti-virus program. This guide will cover creation of a bootable USBLinux system as well as a comparison of the antivirus software options.
Choosing a Linux Distro
Thereare a few criteria to look at when deciding exactly which to go with.We’ll want something fairly small, runs well from USB, auto-detectslocal hard drives, and able to work with a persistence file so we cansave our new programs and updates directly to the USB stick.I’d recommend Crunchbang Linux.It meets all of the above criteria, it’s Ubuntu-based, and it’s just avery slick distro that would work well for this purpose. Also,whichever distro you decide, choose the 32 bit option. Your computermay be 64-bit ready but Cousin Stan’s might not, and we need thissoftware to be as portable as possible.
Installing Linux to USB
This is a topic we’ve covered before at MakeTechEasier, for Windows with Lili USB Creator and Linux with UNetbootin.Ofthe two, I’d actually recommend Lili, the Windows software, to createyour USB stick. Lili makes it easy to create a persistence file so yourchanges can be saved on the USB stick so you won’t have to reinstalland update your AV every time you use it.
Linux Antivirus Software
Anumber of commercial and independent AV vendors make Linux versions,with various amounts of hassle and levels of functionality. A few ofthe more well known ones include…| Name | License | Registration Required | Scan | Repair |
| AVG | Closed | No | Yes | No |
| Avast | Closed | Yes | Yes | Yes |
| Panda | Closed | Yes | Yes | Yes |
| ClamAV | Open | No | Yes | Yes |
We’ll be using Clam Antivirus because it’s the simplest install,requires no registration, and does an excellent job of detecting andremoving infected files. It should be available for download for justabout any Linux system from the Clam website or your distro’s online repositories. Ubuntu users can also install it by clicking here.
Running the Scan
Forstarters, you’ll want to run an update once Clam is installed so thatour scan will have the newest virus definitions. To do this, open acommand prompt and runWhilethere is a GUI called Clamtk available for download, we’ll be using thecommand line interface. This is because Clamtk lacks some of theconfiguration options that we’ll be passing to the antivirus.sudo freshclam
Torun the scan we’ll need to know a few things. First is the locationthat you intend to scan. If you’re scanning a Windows drive from a liveLinux system as intended, you can find this by clicking that drive fromthe left pane of your file browser and looking at the path shown in theaddress bar.
Then we’ve got a few options we may want to pass to Clam regarding how to perform the scan. Some options worth considering are:
-r #perform recursive scan - good for a whole drive
--exclude=.mp3 #set exclusion pattern to skip things like music and videos
--scan-mail=yes/no #include mail files in system scan
--remove=yes/no #delete infected files, yes or no. Careful with this.So when you’re ready, your full command will look something like this:
When all’s said and done, you’ll get a fairly detailed report.clamscan -r --exclude=.avi --remove=yes /media/disk
If all went well, you’re set until next time Stan clicks a popup.
Thanks
Posted in
0 comments:
Post a Comment