In this post, we discuss what Vba32 Rescue is and how to use it.
Vba32 Rescue allows you to recover system functionality after malware impact. This software makes it possible to cure malware (and suspicious software) on a user’s computer with maximum effect. The scanning and curing processes are implemented independently of the OS installed on the computer. For this reason, malware is unable to resist the curing process.
Vba32 Rescue is a bootable ISO image that can be burned to a CD/DVD disk or written to a USB drive. The image is built on a Linux kernel, the grub2 boot loader, the Vba32.CS.L console scanner for Linux, and other modules for the file system, network, graphical user interface, and so on. Vba32 Rescue works in the following modes:
1. vba32rescue – standard mode;
2. vba32rescue2ram – loading image into memory mode.
Advantages of Vba32 Rescue Image
- High-speed booting.
- A mode that releases the drive the image was booted from.
- Automatic network configuration allows you to customize the connection with the update server.
- The ability to update antivirus scanners and bases allows you to maintain the image up to date and doesn’t require daily downloading of the whole image.
- Saving updated image on a USB drive.
- Ability to create a bootable USB drive in Windows, in Linux, and in the Vba32 Rescue environment.
- Using swap files on “weak” computers makes full operation possible even on very old computers.
- The mhdd and memtest utilities make it possible to check RAM and HDD for hardware errors.
- Support of a great number of file systems.
- Using Vba32.CS.L scanner allows you to apply all the features of Vba32 antivirus kernel.
- Possibility of individual scanning configuration settings.
- Copying infected and suspicious files to Quarantine allows you to avoid data loss due to false antivirus responses.
- Keeping report files allows you to analyze the results of system scanning and maintain feedback with the Technical Support Service.
Create a bootable USB-drive in Windows OS
Use the vbarescue_wintools package utilities for this:
- Unzip the archive vbarescue_wintools.zip into a new folder.
- Copy ISO image vbarescue.iso to the folder vbarescue_wintools.
- Launch bat-file runme.bat and follow the instructions.
Create a bootable USB-drive in Linux OS (without data loss)
Use the vbarescue_linux utility package for this:
- Unzip the archive vbarescue_linux.tar.gz into a new folder.
- Copy ISO image vbarescue.iso to the folder vbarescue_linux.
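- Mount the USB drive, which must be formatted as FAT32.
- Run the script runme.sh, passing it the path where the USB drive is mounted.

    # Download the utility package and the ISO image
    wget ftp://anti-virus.by/pub/vbarescue_linux.tar.gz
    wget ftp://anti-virus.by/pub/vbarescue.iso
    # Unpack the utilities
    tar -xzf vbarescue_linux.tar.gz
    # Mount the FAT32 USB partition (replace /dev/sdb1 with your own device)
    mount /dev/sdb1 /mnt/flash -t vfat
    # Run the script, passing it the mount point of the USB drive
    ./runme.sh /mnt/flash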
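The Linux procedure above depends on the USB drive really being mounted, as FAT32, at the path handed to runme.sh. The following preflight check is an added example, not part of the vbarescue_linux package; the names preflight, mount_field and MOUNTS_FILE are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the Vba32 package): checks to run before
# "./runme.sh <mountpoint>". MOUNTS_FILE is an assumption of this sketch; it
# defaults to /proc/mounts and can point at constructed data for testing.
MOUNTS_FILE="${MOUNTS_FILE:-/proc/mounts}"

# mount_field <mountpoint> <n>: print field n (1=device, 3=fs type, 4=options)
# of the last entry mounted exactly at <mountpoint>; print nothing if none.
# The last match wins because a later mount shadows an earlier one.
mount_field() {
    awk -v mp="$1" -v n="$2" '$2 == mp { v = $n } END { if (v != "") print v }' \
        "$MOUNTS_FILE"
}

# preflight <mountpoint> <iso>
# Returns 0 when the preconditions hold, otherwise:
#   1 = nothing mounted there (the path is only a directory on another filesystem)
#   2 = not FAT32/vfat   3 = mounted read-only   4 = ISO missing or empty
preflight() {
    mp=$1; iso=$2
    # Normalise a trailing slash so "/mnt/flash/" matches "/mnt/flash".
    [ "$mp" = "/" ] || mp=${mp%/}

    fstype=$(mount_field "$mp" 3)
    if [ -z "$fstype" ]; then
        echo "preflight: $mp is not a mount point" >&2; return 1
    fi
    if [ "$fstype" != "vfat" ]; then
        echo "preflight: $mp is $fstype, expected vfat" >&2; return 2
    fi
    # A FAT volume can end up read-only after filesystem errors; catch that here.
    case ",$(mount_field "$mp" 4)," in
        *,ro,*) echo "preflight: $mp is mounted read-only" >&2; return 3 ;;
    esac
    if [ ! -s "$iso" ]; then
        echo "preflight: ISO $iso is missing or empty" >&2; return 4
    fi
    echo "preflight: $(mount_field "$mp" 1) at $mp (vfat, rw), ISO $iso present"
}

# Stand-alone use: sh preflight.sh /mnt/flash vbarescue.iso && ./runme.sh /mnt/flash
[ $# -eq 0 ] || preflight "$@"
```

Mount points containing spaces appear escaped (as \040) in /proc/mounts and are not handled by this sketch.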
In this chapter, we will consider the main task of Vba32 Rescue – scanning by the Vba32.CS.L antivirus scanner. This scanner is a powerful facility that makes it possible to detect and cure infected objects on the user’s computer. The undoubted advantages of this scanner are:
- Powerful heuristic analyzer – allows you to detect unknown patterns of malware. The possibility to select different working modes (from optimal to excessive) allows you to get the required balance between quality of detection and quantity of false positives.
- File virus curing function – gives you the ability to deal thoroughly with the consequences of viral infections. Analysis of the curing of such large-scale infections as Sality (Sector) and Virut has proved the validity of this method.
- Vba32 software code emulator – allows you to detect malware that has already been processed by known or unknown tools that hinder the analysis of malicious code (cryptors, packers, obfuscators). This is achieved through continuous improvement of the emulator rather than by adding newly known algorithms for static extraction.
- Just-in-time technology – allows you to speed up emulation of processed files.
- Daily updates of antivirus bases – make it possible to reduce the threat’s impact on the user’s computer.
- Support of all common archive formats, mail databases, and other data formats.