Monday, August 15, 2011

SARDU : Multiple boot disk builder

In my previous post I gave a brief tutorial on using a LiveCD. Most AV companies update their LiveCDs very often, every 3-4 hours, every 12 hours or once a day; I am talking about how frequently their virus definitions are updated. Also, no product is 100% perfect, i.e. no AV can detect every virus that infects a computer, so it may well happen that the LiveCD of one antivirus does not detect a virus on your system while another does. This leads to keeping multiple LiveCDs. It is not possible to keep multiple LiveCDs on one CD/DVD just by adding the LiveCDs as they are, i.e. merging multiple LiveCDs into one disc will be of no use, and creating a separate CD for each is not advisable either.

To overcome this, SARDU comes in. Basically SARDU is free software that builds multiboot CDs, DVDs and USB devices. It combines a variety of features that help you make a custom all-in-one bootable CD/DVD/USB through which you can get your system back into a working state after an infection. It includes the LiveCDs of different AV companies (many of which I posted here), and in addition it includes other tools that help you recover your data when your system is heavily infected and cannot be cleaned, as well as certain backup programs used to restore the system to a clean state (normally in cases where System Restore does not work properly).

Main Screen of SARDU

Above is the main GUI; it lists the LiveCDs that SARDU supports. If you don't have a particular LiveCD, click its button and SARDU will automatically download it from the corresponding site.

After the download is complete you will find your ISO as /.../SARDU/ISO/kav_rescue_10.iso. If you already have some of the listed LiveCDs, copy those ISOs into the /.../SARDU/ISO folder.
Utility Section

Windows Section

Other features:
Utility (only the notable ones are listed here):
NT Password: resets the administrator password.
Ultimate Boot CD: another excellent CD for recovery purposes.
GParted: for graphically managing your disk partitions.
(The other programs, such as Macrium Reflect, Redo Backup live and Trinity backup CD, are good, but some of them are system specific. If you know these programs, no explanation is needed in the first place.)

Linux:
If you are familiar with Linux you will already know these; if you are not used to Linux, this section is not for you.

Windows:
Contains various recovery discs (for WinXP, Vista, 7) and also installers for the same.

Typical boot interface of sardu
SARDU is very easy to use, so creating an all-in-one ISO with it will not be difficult.

Note: every program has its own button and checkbox, i.e. SARDU can manage only these programs. If a checkbox is disabled (grey), the ISO of that program was not found. Pressing the button with an application's name makes SARDU download the bootable ISO from the manufacturer's website; once downloaded it is ready for use (checkbox checked). Downloads can be done manually by disabling the function 'File -- Enable direct download'. The user can update the status of the ISO folder from the File -- Refresh ISO/IMA menu. (Most important: do not change the default file names of the individual programs, because renamed files won't be recognised by the software.) If a checkbox is unchecked (white), that single ISO is disabled and not active.
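As an added illustration of the naming rule in the note above (example code written for this post, not part of SARDU): a small POSIX shell function that reports, for an ISO folder, which default-named ISOs are present (what SARDU would show as a checked checkbox), which are missing (grey), and which .iso files carry a non-default name and therefore would not be recognised. Only kav_rescue_10.iso is a name taken from the post; the other entries in EXPECTED_ISOS, and the folder path in the usage line, are hypothetical placeholders.

```shell
#!/bin/sh
# Default ISO names SARDU would look for. Constructed list: only
# kav_rescue_10.iso comes from the post, the other two are placeholders.
EXPECTED_ISOS="kav_rescue_10.iso example_vendor_rescue.iso example_utility.iso"

# sardu_iso_status DIR
# Prints one line per expected ISO, "ready <name>" or "missing <name>",
# then "unrecognised <name>" for every .iso in DIR that is not a default
# name. A renamed download lands in the last group, which is exactly why
# renaming breaks detection: the file is there but the name is not.
sardu_iso_status() {
    dir=$1
    for name in $EXPECTED_ISOS; do
        if [ -f "$dir/$name" ]; then
            echo "ready $name"
        else
            echo "missing $name"
        fi
    done
    for path in "$dir"/*.iso; do
        [ -e "$path" ] || continue            # folder holds no .iso at all
        base=$(basename "$path")
        case " $EXPECTED_ISOS " in
            *" $base "*) ;;                   # default name, already reported
            *) echo "unrecognised $base" ;;
        esac
    done
}

# sardu_ready_count DIR
# Number of expected ISOs present, i.e. how many checkboxes would be enabled.
sardu_ready_count() {
    sardu_iso_status "$1" | grep -c '^ready ' || true
}

# Usage (placeholder path):
#   sardu_iso_status /path/to/SARDU/ISO
```

Run it against the ISO folder after a manual download; anything reported as "unrecognised" needs to be renamed back to the default name and the folder refreshed from File -- Refresh ISO/IMA before SARDU will offer it.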

Well, that's all for now; a great tool for recovery purposes. If you don't know the other tools, I would suggest using just the LiveCD section. In short, HIGHLY RECOMMENDED...!

Friday, August 12, 2011

Introduction to LiveCD contd.....

In my previous post I gave a brief idea of what a LiveCD (RescueCD) actually is and the purpose of using one. Now I will describe some extra features a RescueCD provides; these vary from company to company. I am going to give a short tutorial on using a RescueCD. I chose Dr.Web LiveCD and AVG RescueCD (I prefer these two as the best options for post-infection scenarios).

Dr. Web LiveCD

It is a software product based on the Dr.Web antivirus scanner. It allows you to restore the system when loading it from the hard drive has become impossible due to a virus infection. It is distributed as a boot disc, is based on a portable Linux operating system (Gentoo Linux) and includes built-in software (an on-demand scanner) intended for scanning, curing and deleting files in the target directory/drive.

System Requirements:
  • i386 processor (P4, dual core, etc.)
  • Minimum of 256MB of RAM
  • CD/DVD drive
Download the LiveCD from the link provided above; its size is approx. 173MB. The downloaded file has the .iso extension, so it can be burned directly to a CD with any traditional CD/DVD burning software (links provided in the previous post). After burning, the disc is bootable; also make sure your system is set to boot from the CD/DVD drive (go to the BIOS settings and change the boot priority to your CD/DVD drive).
When the CD is inserted in the CD/DVD drive and the system is rebooted, Dr.Web LiveCD provides four options:
  1. Standard mode (the first option): loads all the necessary modules with an easy-to-understand interface.
  2. Advanced mode: recommended only for experienced users who are familiar with Unix commands, so I would not recommend it for first-time users.
  3. Start Local HDD: boots from your hard drive, i.e. as the system normally boots.
  4. Testing Memory: for when your computer is unstable and restarts at random.
After selecting the default option the LiveCD loads the essential modules to set up a mini OS and finally looks as shown below:
Linux based environment
It contains the following basic applications:
  • Dr.Web Scanner for Linux
  • Firefox browser
  • Sylpheed mail client
  • Midnight Commander file manager
  • Command-line terminal
  • Leafpad text editor
Basically it is just a mini OS that runs directly from RAM. The main advantage of having a mini OS is for when your computer is heavily infected and you cannot restore it; in such situations formatting is the only option, and the mini OS lets you obtain a copy of the important files that would be deleted during formatting.
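The copying step described above, done from the LiveCD's command-line terminal, as an added example (written for this post, not part of Dr.Web's LiveCD). It mounts the infected partition read-only with noexec, nosuid and nodev so nothing on it can run inside the rescue environment, copies files while skipping common executable types (carrying a .exe or .dll out would also carry any infection along), and writes a SHA-256 manifest so the copies can be checked later. The device path /dev/sda1, the mount point /mnt/win and the USB path /mnt/usb are placeholders; the skip list is a constructed starting point, not a vendor list.

```shell
#!/bin/sh
# Added example: rescuing user files from an infected disk inside a Linux
# rescue environment. Paths below are placeholders; needs root for mount.

# mount_infected_ro DEVICE MOUNTPOINT
# Mount the infected partition read-only and non-executable so the rescue
# environment can read the data without running anything stored on it.
mount_infected_ro() {
    dev=$1; mnt=$2
    mkdir -p "$mnt"
    mount -o ro,noexec,nosuid,nodev "$dev" "$mnt"
}

# rescue_copy SRC DEST
# Copy regular files from SRC into DEST keeping relative paths, skipping
# common executable types (constructed skip list). Writes DEST/MANIFEST.sha256
# and prints the number of files copied.
rescue_copy() {
    src=$1; dest=$2
    mkdir -p "$dest"
    : > "$dest/MANIFEST.sha256"
    find "$src" -type f \
        ! -iname '*.exe' ! -iname '*.dll' ! -iname '*.scr' ! -iname '*.com' \
        ! -iname '*.bat' ! -iname '*.cmd' ! -iname '*.vbs' ! -iname '*.js' \
        -print | while IFS= read -r file; do
            rel=${file#"$src"/}
            mkdir -p "$dest/$(dirname "$rel")"
            cp -p "$file" "$dest/$rel"
            # Manifest entries are relative to DEST so `sha256sum -c` works there.
            (cd "$dest" && sha256sum "$rel") >> "$dest/MANIFEST.sha256"
        done
    wc -l < "$dest/MANIFEST.sha256" | tr -d ' '
}

# rescue_verify DEST
# Re-check every copied file against the manifest; returns non-zero on any mismatch.
rescue_verify() {
    (cd "$1" && sha256sum -c MANIFEST.sha256 >/dev/null)
}

# Usage from the rescue terminal (placeholder paths, run as root):
#   mount_infected_ro /dev/sda1 /mnt/win
#   rescue_copy /mnt/win/Documents /mnt/usb/backup
#   rescue_verify /mnt/usb/backup
```

Keep the manifest with the backup: after the machine is rebuilt, scanning the copied folder with an up-to-date scanner and then running rescue_verify confirms that what you restore is exactly what you copied out.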

Dr.Web Scanner in the linux environment
It is advisable (though not compulsory) to have an internet connection so that Dr.Web has the latest virus definitions. With the scanner you can select the target directory/drive on your system that you wish to scan. Wait for the scan to complete and it will show the final result, whether a virus (or viruses) was found or not. If found, you get the option of curing/deleting/quarantining/renaming.

Advantages of using Dr.Web LiveCD:
  • Good file curing capability.
  • Small updates (but it can still detect thousands of viruses).
  • Has a dedicated Linux environment for backup purposes.
Disadvantages:
  • Slow scanner (can be even slower on a heavily infected system).
  • Virus detection is not that high, but not low either.
AVG RescueCD

AVG is another company providing antivirus solutions; it is quite well known among users compared to Dr.Web and the other solutions I named in my previous post. It provides a RescueCD that can be downloaded here (click the first download link, which downloads the .iso file); the file size is approx. 94MB.

System Requirements:
  • Intel Pentium or equivalent processor (300MHz)
  • 512MB of RAM
  • CD/DVD drive
When the computer is booted with the AVG RescueCD inserted, the welcome screen appears (after some initial loading of modules).

Welcome screen of RescueCD

During booting the AVG RescueCD mounts all the hard drives of your computer, making them available for scanning and editing. In most cases select the first option; the other two options are normally needed only when the system has fewer resources.

Typical UI of AVG RescueCD

It is recommended that the user first updates to the latest virus definitions. If you do not have an internet connection, you can copy the updates to a USB stick and update the definitions manually (tutorial provided later).

After the update is completed, perform the scan; it can be run on a directory or on a whole drive. When the scan is completed, the result (if infections are found) is shown as below:

Option for directory/drive scan

When infected file is found

File handling

Select the relevant option for how to handle the file. After the file has been deleted/renamed, the system can be rebooted.

NOTE: the AVG RescueCD does not provide a dedicated portable mini OS like Dr.Web's, so retrieving important files from your infected system is a bit difficult for a normal user. So I don't recommend it for users who are looking to retrieve data unless they are quite familiar with the RescueCD.

For manual Update

Download the virus definitions file from here and copy the files to a USB stick. Then, from the main UI of AVG, select Update ----> Select Offline ----> browse to the directory where the file (with the .bin extension) is stored.

Advantages:
  • Faster Scans
  • Offline update possible
  • Good detection rate

Disadvantages:
  • Difficult to manoeuvre if the user is not familiar with keyboard navigation
  • Backing up files may sometimes be tedious
  • Requires the system to have at least 512MB of RAM; otherwise the system might not respond properly
That's all for now; I hope you liked my brief tutorial on working with LiveCDs and found it helpful :)

Thursday, August 11, 2011

Introduction to Live CDs

I have not been active on this blog for about a year; I was busy with other things, but now that I have some free time I thought of posting some essential information and tutorials that might help you ;)

So to start with: what actually is malware (or, in simple terms, a computer virus)? These are programs that infect your computer and cause it to behave abnormally: degraded performance, essential programs such as Task Manager being prevented from running, or in the worst case the computer not starting at all. For this, a traditional antivirus can help you remove these viruses, or even prevent them in the first place. But what if your antivirus/suite misses the virus and your computer won't boot properly, or won't boot at all, because of it? Unfortunately viruses have evolved at an exponential rate and their severity is very high. Virus writers have become more and more sophisticated in the techniques used to develop a virus, so that it becomes difficult to detect while still getting its work done. Some viruses are stubborn to remove from a running system and hence require special expertise. Also, in many cases a virus infects important system files in such a way that it can only be removed by removing that system file, which eventually leads to instability of the system. So the straightforward solution is to format your computer, but your computer (usually the C: drive) may contain important data that would be lost if you format. For these reasons a LiveCD (rescue disc) comes into the picture.

A LiveCD is basically a tool that can be used when your computer cannot boot (start up) normally, or even when it won't boot at all. A LiveCD helps you restore your system to a stable/working state, or in certain scenarios helps you back up your important data before formatting.

Notably, all reputable antivirus companies provide a LiveCD of their own. Basically a LiveCD consists of the corresponding antivirus manufacturer's scanner, which scans your computer at boot time, and other modules (a Linux distribution in most cases) that help with data retrieval, i.e. a LiveCD can also be described as a very small operating system (mostly Linux flavours; I will explain this in a separate post) that runs directly from RAM, so we can say it creates a mini OS which helps us retrieve important data from our system.

Below are the download links of LiveCDs (they are called by different names, but they are all the same kind of thing), with the .iso extension, from different AV companies:
Vba32 Rescue CD ...... there are many more, but these are the most notable ones and free to use.

The size of a LiveCD (.iso file) ranges from 100MB to 350MB, so it can be burned to make a bootable CD. Once you download the .iso file, burn it directly with any CD/DVD burning software of your choice (ImgBurn, Nero Burning Lite). Once burned, your CD will be bootable. Now all you have to do is change the boot priority in your computer's BIOS. This can be done while starting the computer by pressing F2 (or F8, F12... depending on the manufacturer), giving first priority to the CD/DVD drive, and restarting. Now your computer will boot from the CD, and there you go: you can use the LiveCD to save your system from crashing or restore it.
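Two checks worth doing before the burning step described here (and in the Dr.Web post above), as an added shell example written for this post rather than taken from any vendor: compare the downloaded .iso against the SHA-256 checksum published on the vendor's download page, and confirm the file really is an ISO 9660 image (the "CD001" signature at byte offset 32769) rather than a truncated download or an HTML error page saved under a .iso name. The final function writes the image to a USB stick only if both checks pass; the checksum value and the device path /dev/sdX in the usage lines are placeholders, since the post does not give them.

```shell
#!/bin/sh
# Added example: sanity-check a rescue ISO before burning or writing it.

# verify_iso ISO EXPECTED_SHA256
# Returns 0 when the file's SHA-256 matches EXPECTED_SHA256 (hex, any case),
# 1 on mismatch, 2 when the file is missing.
verify_iso() {
    iso=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$iso" ] || { echo "no such file: $iso" >&2; return 2; }
    actual=$(sha256sum "$iso" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "OK $iso"
        return 0
    fi
    echo "MISMATCH $iso: expected $expected, got $actual" >&2
    return 1
}

# iso_has_iso9660_signature ISO
# The primary volume descriptor sits in sector 16 (offset 32768): one type
# byte followed by the identifier "CD001". A short or non-ISO file fails here.
iso_has_iso9660_signature() {
    sig=$(dd if="$1" bs=1 skip=32769 count=5 2>/dev/null)
    [ "$sig" = "CD001" ]
}

# write_iso_to_usb ISO DEVICE EXPECTED_SHA256
# Writes the image to the whole device (not a partition); this erases the
# stick. Refuses to write unless both checks above pass. Needs root.
write_iso_to_usb() {
    iso=$1; dev=$2; sum=$3
    verify_iso "$iso" "$sum" || return 1
    iso_has_iso9660_signature "$iso" || { echo "$iso is not an ISO 9660 image" >&2; return 1; }
    dd if="$iso" of="$dev" bs=4M conv=fsync && sync
}

# Usage (placeholders for the checksum and the device):
#   verify_iso kav_rescue_10.iso <sha256-from-vendor-page>
#   write_iso_to_usb kav_rescue_10.iso /dev/sdX <sha256-from-vendor-page>
```

For a CD the last function is replaced by your burning tool, but the two checks apply unchanged: run verify_iso and iso_has_iso9660_signature on the file, then burn it only if both report success.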

Well guys, this was just an introduction to LiveCDs. In my next post I will provide tutorials on using some of the LiveCDs (mostly Dr.Web, AVG and Kaspersky).

