35 - How to make a bootable antivirus AVG RESCUE USB drive



Introduction
If you are having problems getting rid of viruses on your computer, the first thing to do is boot to Safe Mode and run your antivirus scanner. If this fails to find or clear the problem, then you may need to boot to a different operating system (e.g. Linux) and scan all the partitions on your computer's disks.

Details about the free AVG Rescue CD can be found at http://www.avg.com/ww-en/226386#net_update and the AVG user forums for the Rescue CD can be found at http://forums.avg.com/gb-en/avg-free-forum?sec=theme&act=show&id=183.

Note: A 1GiB USB drive or larger is required as the ext2 file is 500MiB.

Instructions
The instructions below show how to create a bootable USB flash drive, install grub4dos and copy over the AVG USB Rescue CD files required to make a persistent USB drive that you can update via the internet (provided you have a LAN connection and Linux recognises your hardware).

1. If you do not already have a bootable USB flash drive, create one with RMPrepUSB using the following settings:
    1. MAX
    2. (any volume name you like - e.g. AVG Rescue)
    3. WinPE
    4. FAT32 + Boot as HDD + ForceLBA  (use FAT16 for small drives)
    5. (do not tick the Copy Files box)
    6. Click Prepare Drive

After the USB drive has been wiped and formatted, click on the Install Grub4dos button, choose Yes for the MBR option and press Enter when prompted.

2. Download the zip file version of the AVG Rescue (for USB Stick) from http://www.avg.com/us-en/avg-rescue-cd-download (e.g. v 100.110314).
  
3. Unpack the .zip file to a folder on your hard disk - e.g. C:\AVGUSB

4. Create a folder on the USB drive called AVG and copy the following 4 files from your C:\AVGUSB folder to the USB drive (note that the ext2 file must be located at the root (top) of the USB drive):

\arl_rootfs.ext2
\AVG\init
\AVG\vmlinuz
\AVG\initrd.lzm

The file \grldr should already be present as it contains the boot code for grub4dos.

5. Create a file called menu.lst using Notepad on the USB drive containing the following text (or add the text to your existing menu.lst file if you are putting these files on an existing grub4dos boot disk).

    title AVG Rescue CD\nTip: Always use the reboot command or the menu to reboot - do not switch off using the power button or unplug the USB drive during operation.
    find --set-root /avg/vmlinuz
    kernel /avg/vmlinuz max_loop=255 vga=791 init=/avg/linuxrc
    initrd /avg/initrd.lzm

    title AVG Rescue CD - Disabled Frame Buffer\nTip: Always use the reboot command or the menu to reboot - do not switch off using the power button or unplug the USB drive during operation.
    find --set-root /avg/vmlinuz
    kernel /avg/vmlinuz max_loop=255 video=vesafb:off init=/avg/linuxrc
    initrd /avg/initrd.lzm

    title AVG Rescue CD with VGA Resolution selection\nTip: Always use the reboot command or the menu to reboot - do not switch off using the power button or unplug the USB drive during operation.
    find --set-root /avg/vmlinuz
    kernel /avg/vmlinuz max_loop=255 vga=ask init=/avg/linuxrc
    initrd /avg/initrd.lzm

6. Now see if it boots and try the first menu item. You can test the 'bootability' and the menu by pressing F11 while the RMPrepUSB utility is running, but the Linux kernel will not be able to fully boot under QEMU, so you need to test that on real hardware.

IMPORTANT: Always use the menu or type 'reboot' in the command shell to reboot - do not just switch off the system or remove the USB drive - otherwise corruption of the ext2 file may result.
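
Before the boot test in step 6, the file layout from steps 4 and 5 can be checked from the PC. The script below is an added example, not part of the original tutorial or of RMPrepUSB; it assumes Python 3 and takes the USB drive root (e.g. E:\) as its argument. Names are matched ignoring case because FAT file names are not case-sensitive, which is why /avg/vmlinuz in menu.lst matches \AVG\vmlinuz on the drive.

```python
import os
import sys
import tempfile

# Files the tutorial says must be on the drive (paths relative to the drive root).
REQUIRED = ["grldr", "menu.lst", "arl_rootfs.ext2",
            "AVG/init", "AVG/vmlinuz", "AVG/initrd.lzm"]

def resolve(root, rel):
    """Find rel under root ignoring case (FAT is case-insensitive); None if absent."""
    cur = root
    for part in rel.replace("\\", "/").strip("/").split("/"):
        if not os.path.isdir(cur):
            return None
        match = [n for n in os.listdir(cur) if n.lower() == part.lower()]
        if not match:
            return None
        cur = os.path.join(cur, match[0])
    return cur

def menu_paths(menu_text):
    """Paths that grub4dos itself must open: find --set-root, kernel and initrd."""
    paths = set()
    for line in menu_text.splitlines():
        words = line.split()
        if len(words) >= 2 and words[0] in ("kernel", "initrd"):
            paths.add(words[1])
        elif len(words) >= 3 and words[:2] == ["find", "--set-root"]:
            paths.add(words[2])
    return paths

def check_drive(root):
    """Return a sorted list of problems; an empty list means the layout is complete."""
    problems = [f"missing file: {p}" for p in REQUIRED if resolve(root, p) is None]
    menu = resolve(root, "menu.lst")
    if menu:
        with open(menu, encoding="utf-8", errors="replace") as fh:
            for p in menu_paths(fh.read()):
                if resolve(root, p) is None:
                    problems.append(f"menu.lst points to missing {p}")
    return sorted(problems)

if __name__ == "__main__":
    # With no argument, run against a constructed (deliberately empty) folder.
    root = sys.argv[1] if len(sys.argv) > 1 else tempfile.mkdtemp()
    for problem in check_drive(root) or ["layout OK"]:
        print(problem)
```

The init=/avg/linuxrc kernel parameter is not checked, because grub4dos only passes it to the kernel and does not open that path itself.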

Notes
If your system does not have a LAN Ethernet connection (e.g. it uses WiFi/wireless) then you will not be able to update the definitions or AVG version. In this case, before you begin, download the update file (the large 70+MiB IAVI file) onto the USB drive from http://www.avg.com/us-en/download-update and then use the Update entry in the AVG Rescue menu once it has booted.

If you get any strange read-only/overwrite prompts or other file write errors or the Offline Definitions Update fails after using the USB drive for a while, the ext2 file is probably corrupt. Delete it and then copy over the original ext2 file again.