Thursday, 18 December 2014

Scanning virtual machines for viruses: Trinity Rescue Disk

I often use VirtualBox virtual machines to solve the few cases where I still need a Microsoft Windows-only application. This solution works well but is far from ideal from a security point of view. The only Windows version I still own is the no longer supported Windows XP, so my virtual machines are an easy target for the many viruses and malware around the 'net. As a general precaution I keep my virtual machines off the network by disabling their virtual network card but, in some cases, the application used might explicitly require a network connection, and there are infection routes other than the 'net. Generally speaking, it would be wise to periodically check all Windows virtual machine disks for viruses.
I'm not keen on installing anti-virus software on a virtual machine, mostly because I fear losing even more of the machine's already unimpressive performance, so I went looking for an alternative solution.

Trinity Rescue Disk

Trinity Rescue Disk is a small-footprint (very small indeed) live Linux distribution specialized in recovering broken computers. Among the many useful tools, it offers scanning of all computer drives for viruses using five of the most common anti-virus programs. In order to boot and work with Trinity Rescue Disk, the virtual machine must have at least 1GB of RAM assigned. If you are experimenting with very low-spec machines you'll have to temporarily change the machine's memory settings.

In order to scan the virtual machine I selected the Trinity Rescue Disk ISO image from the VirtualBox “Devices → CD/DVD Devices → Choose a virtual CD/DVD disk file” menu, then I rebooted the machine. If the machine is already powered off, pressing the “F12” key at startup stops the boot process and shows the boot device selection menu.
Here is Trinity Rescue Disk booting …
And here is the main menu …
The text-based user interface might seem archaic but it is all you need to perform the available recovery operations. The mouse is supported, with a character pointer of course, but it's a bit difficult to maneuver it properly in the virtual machine window, so the keyboard is the better way to interact.
The only configuration that might be needed is the keyboard layout selection …
Among the many options available I selected the “Virus scanning” one. I was shown the virus-scan sub-menu …
Clam AV, F-Prot, BitDefender, Vexira and Avast are the available anti-virus scanners. I started Clam AV; Trinity Rescue Disk downloaded the latest available version of both the scanning program and the virus definitions …
and started scanning files on the machine's virtual disk. After a handful of minutes the scan completed.
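
The preparation steps described above (the 1GB memory requirement and attaching the ISO), as an added example that is not part of the original post: a shell script that reads `VBoxManage showvminfo --machinereadable` output and prints the commands for a scan boot plus the ones that restore the VM afterwards. The VM name, ISO path, sample VM info and the optical drive position (port 1, device 0 of the first storage controller) are assumptions.

```shell
#!/bin/sh
# Added example: print (not run) the VBoxManage steps for one scan boot.
# Assumptions: VM name, ISO path, optical drive on port 1 / device 0 of the
# first storage controller. SAMPLE_INFO below is constructed, not real output.
MIN_MB=1024   # minimum RAM the post gives for Trinity Rescue Disk

# vm_field KEY: print KEY's value from `showvminfo --machinereadable` on stdin.
vm_field() {
    awk -F= -v k="$1" '$1 == k { v = $2; gsub(/"/, "", v); print v; exit }'
}

# plan_scan VM ISO: read VM info on stdin, print setup and restore commands.
plan_scan() {
    vm=$1; iso=$2; restore=""
    info=$(cat)
    state=$(printf '%s\n' "$info" | vm_field VMState)
    mem=$(printf '%s\n' "$info" | vm_field memory)
    ctl=$(printf '%s\n' "$info" | vm_field storagecontrollername0)
    # The memory setting can only be changed while the VM is powered off.
    if [ "$state" != "poweroff" ]; then
        echo "# $vm is in state '$state'; power it off first"; return 1
    fi
    case $mem in ''|*[!0-9]*) echo "# memory size not found"; return 1 ;; esac
    [ -n "$ctl" ] || { echo "# no storage controller found"; return 1; }
    if [ "$mem" -lt "$MIN_MB" ]; then
        echo "VBoxManage modifyvm \"$vm\" --memory $MIN_MB"
        restore="VBoxManage modifyvm \"$vm\" --memory $mem"
    fi
    att="VBoxManage storageattach \"$vm\" --storagectl \"$ctl\" --port 1 --device 0 --type dvddrive"
    echo "$att --medium \"$iso\""
    echo "# after the scan:"
    echo "$att --medium emptydrive"
    if [ -n "$restore" ]; then echo "$restore"; fi
}

SAMPLE_INFO='name="WinXP"
memory=512
VMState="poweroff"
storagecontrollername0="IDE"
nic1="none"'

if [ "$#" -eq 2 ]; then
    # Real use: ./plan.sh "VM name" /path/to/trk.iso
    VBoxManage showvminfo "$1" --machinereadable | plan_scan "$1" "$2"
else
    printf '%s\n' "$SAMPLE_INFO" | plan_scan WinXP /tmp/trk.iso
fi
```

Review the printed commands before running them; the restore lines put the original memory size back and empty the virtual drive so the next normal boot goes to Windows.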


Trinity Rescue Disk is a priceless little tool that uses Linux to solve the problems of mostly non-Linux users. Apart from virus scanning, many other recovery options are available, like Windows password reset. I didn't need them so I didn't test them, but they might prove useful in the future. Tools like Trinity Rescue Disk should be installed on an old, small USB disk (the disk image is only about 160MB) and kept handy in case of emergency.