Some viruses can only be cleaned by booting into an anti-virus system. Avira Anti-virus supplies a free boot cd image for cleaning viruses, which can be booted from the hard disk and is much faster then booting from a CD. This also allows one to update the anti-virus definitions fairly easily. The method is as follows:
Download Avira Antivir Rescure System. Run it, don't burn to CD, but tell it to save to an iso file (e.g. avira.iso). Put the iso file in the root directory of a hard disk drive. Extract from the iso file the folders antivir and avupdate (with e.g. 7-Zip) and put those in the same drive, so now you would have e.g.
D:\avira.iso
D:\antivir\ (containing various .vdf virus definition files and so on)
D:\avupdate\ (and contents thereof)
Edit avupdate\windows\avupdate.bat so that avupdate.exe is invoked correctly.
avupdate\windows\avupdate.exe --config=.\avupdate.conf --product-file=/update/idx/rescuestick-linux_glibc22-en.idx --product-info-file=/update/idx/rescuesticklinux_glibc22-en.info.gz --skip-master-filechanged to
\avupdate\windows\avupdate.exe --config=.\avupdate.conf --product-file=/update/idx/rescuestick-linux_glibc22-en.idx --product-info-file=/update/idx/rescuesticklinux_glibc22-en.info.gz --skip-master-fileIf you use a proxy server, edit avupdate.conf and add the entries from proxy-server
Proxy-Server=your_proxy_host_url
Proxy-Port=your_proxy_host_port
Download Grub4Dos. Extract grldr and menu.lst from the zip file and put it into your boot drive root (usually C:\). Add this entry to menu.lst
title Avira AntivirusYou will need to edit the root(hd0,2) entry to match the location of avira.iso. hd0 = 1st hard disk (count starts from 0). 2 = partition 2 (count starts from 1). One should be able to guess the numbers from the way harddrives are laid out in Control Panel>Adminstrative Tools>Computer Management>Disk Management
root (hd0,2)
find --set-root --ignore-floppies /avira.iso
map --mem /avira.iso (0xff)
map --hook
root (0xff)
chainloader (0xff)
Finally, add this entry to boot.ini (presuming c:\ is your boot drive)
c:\grldr="GRUB"
Next time you boot your PC, you can select Avira Antivirus by booting into "GRUB". Once inside the Avira Antivirus graphical interface click on the British flag to select the English language. Also in the configuration select Rename infected files. Now you can scan your PC.
To update your anti-virus definitions, boot into XP normally, open the avupdate\windows folder, and run avupdate.bat.
Update (18/6/2011): For the newer version of avira also extract the system directory to the root drive (to e.g. d:\system).
Alternate (18/6/2011): The entire iso can be extracted (antivir and system folders must be in root directory - otherwise system check will fail) and booted directly:
title Avira AntiVir Rescue SystemModify root() entry as described earlier; vmlinuz and initrd.gz can be placed in other folders if desired (just remember to modify the path above). Also note newer version of grub4dos is needed (or you will get an invalid executable error).
root (hd0,1)
find --set-root /vmlinuz
kernel /vmlinuz nofb ramdisk_size=108178 root=/dev/ram0 rw console=/dev/vc/4
initrd /initrd.gz
No comments:
Post a Comment