February 1, 2011

Rootkit With Ubuntu

Rootkit viruses are designed to be impossible to detect by users and antivirus software. These viruses burrow themselves deep underneath standard computer processes, often residing below the operating system function within the system BIOS, operating system kernel or within little-used libraries. By doing this, rootkit infections can be difficult to remove using standard software and in some cases, the rootkit application can escape antivirus and anti-spyware removal by injecting itself into other levels of the operating system.
One of the best alternative methods for removing rootkits is to utilize the antivirus software available on the Ubuntu operating system. By scanning the Windows hard drive from an Ubuntu live CD, there is no risk that the rootkit can evade the antivirus program nor can it transfer itself to other processes.
Things you will need
  • Blank CD
  • Image burning application
Create Ubuntu Live CD
  1. Download the Ubuntu 32-bit operating system disc image (see Resources).
  2. Launch your image burning application (see Resources for a free image burning program if you do not have one installed on your computer).
  3. Select "Burn ISO file to disc."
  4. Navigate to the Ubuntu disc image file and set it as the source for the image burning project. The disc image file has an ISO extension.
  5. Insert a blank CD.
  6. Set the destination for the blank CD.
  7. Click "Burn" when everything is prepared. The disc burning process should only take a few moments, depending on the write speed of your drive.

Boot from CD/DVD-ROM

  • Insert the Ubuntu Live CD.  

  • Restart your computer.   

  • Access the system BIOS by immediately pressing the designated access key when the computer starts. Oftentimes, "F10" or "Delete" will provide access to the system BIOS, but check at the bottom of the screen as soon as the computer starts to confirm which key is set as the access key.   

  • Navigate to the boot order section in the BIOS. This can be found in the tab labeled "Boot" or "Advanced."   

  • Set the CD/DVD-ROM as the first boot device.   

  • Save and exit system BIOS to restart the computer. The system will now boot into the Ubuntu Live CD. 

  • Install Anti-virus and scan
    1. Launch Firefox by selecting the Firefox icon in the Ubuntu task bar.
    2. Navigate to the antivirus download page (see Resources) and select "avast! Linux Edition (DEB Package)" to download the installation files.
    3. You will also need to register for a free license number to utilize the antivirus program. Simply fill out the form that loads after you download the installation files to receive your free license key.
    4. Launch a Terminal window by selecting "Applications," "Accessories" and "Terminal" from the Ubuntu menu bar.
    5. Change the directory of the command prompt to the download folder by pasting the following command and then pressing "Enter:"
    6. Install the antivirus by pasting the following command and then pressing "Enter:"
    7. sudo dpkg --i avast*
    8. Mount your Windows hard drive by selecting "Places" from the Ubuntu menu bar and then selecting the file system which contains your Windows installation.
    9. Select "Applications," "Accessories," then "avast! Antivirus" from the Ubuntu menu bar once the installation is complete.
    10. Enter the registration key you received by filing for a free antivirus license key after downloading the installation files.
    11. Click "Update database" to ensure you are using the most recent antivirus definitions.
    12. Click "Selected folders" and specify the hard drive containing your Windows installation and then click "Scan." The antivirus will detect any rootkit or other virus infections and offer a simple dialog for removing the infection.
    13. Just click "Delete" to eliminate the threat and continue scanning your system.


    Post a Comment

    Related Posts Plugin for WordPress, Blogger...

    Search This Blog



    Twitter Delicious Facebook Digg Stumbleupon Favorites More