How to set up a Bitdefender Rescue CD

Bitdefender Rescue CD is a free tool that scans your computer in a safe environment, without the need of loading the operating system. With automatic update, the scanning engines are able to detect and disinfect even the latest malware threats.

To scan your computer with Bitdefender Rescue CD, you have to set it up first on a bootable device or from a remote storage location.

Set up Bitdefender Rescue CD on a bootable CD

To set up a bootable Bitdefender Rescue CD, you need the ISO image, a blank CD or DVD, a CD/DVD burning application and you must follow the procedure below:

  1. Download the ISO image containing the Rescue CD files from Bitdefender download page and save it on a clean computer.
  2. Insert a blank CD into the CD/DVD drive.
  3. Open the CD/DVD burning application you have at hand. If none is available, you can download and install InfraRecorder, a freeware solution.
  4. Load the ISO image and burn it onto the CD.
    For example:
    1. Open InfraRecorder.
    2. Click the WriteImage button. A browse window will appear.
    3. Go to the location where you have saved the ISO file.
    4. Select the file and click Open. A configuration window will display the recommended settings for the current task.
    5. Click OK. The CD is ejected when the writing process is finished.
  5. You can now boot the infected computer with the CD you have just created.

For details on how to use the Rescue CD, refer to this KB article.

Set up Bitdefender Rescue CD on a bootable USB flash drive

In lack of a CD/DVD drive on the infected computer, you can use a USB flash drive. Bitdefender offers Stickifier, a free open-source tool, to make a Rescue CD bootable USB flash.

Download Stickifier using the convenient link:

To save Rescue CD on the USB drive with Stickifier:

  1. Open Stickifier and a wizard will take you through the necessary steps.
    First you need to select the image source location from the available options:
    • Download from the Internet - Save the image to your computer directly from Stickifier. Use the Browse button to indicate the destination folder.
    • Select an existing ISO image, which you previously downloaded from Bitdefender download page. Use the Browse button to indicate the source folder.

  2. Click Next. In the new window, you need to provide the target removable drive for Rescue CD files.

  3. Mount the flash drive into the USB port and select the drive letter from the dropdown list.

    NOTE: Before plugging in the flash drive, make sure it meets the requirements mentioned in the current window.

    If the letter does not appear in the list, click the Refresh button.
  4. Click Next. The installation process starts and the progress bars show the status of your installation.
  5. When the installation is complete, click Finish. The flash drive is now ready to use on the infected computer.

For details on how to use the Rescue CD, refer to this KB article.

Set up a remote location for Bitdefender Rescue CD

To boot Rescue CD remotely via PXE (Preboot eXecution Environment), you will need the following services on your network:

  • a DHCP server
  • a TFTP server
  • a NFS server
  • PXE-capable network adapters on the target machines

The guide below will walk you through setting up a bare-minimum PXE server on an Ubuntu Server machine. The commands should work (with minimal adjustments), regardless of the distribution you are using.

1. Preparing the source folder

  1. Before you install any of the required packages, create a directory which will act as the root of the TFTP and NFS servers:

    # mkdir -p /srv/tftp

  2. Extract the files from the Rescue CD ISO file and place them into the newly created directory:

    # mkdir -p /srv/tmp
    # mount -t iso9660 -o loop /path/to/rescuecd.iso /srv/tmp
    # cp -r /srv/tmp/* /srv/tftp
    # umount /srv/tmp
    # rm -rf /srv/tmp

2. Installing the packages needed for the PXE server

Use the commands below to install the packages:

# apt-get update
# apt-get install tftpd-hpa nfs-kernel-server isc-dhcp-server

3. Configuring TFTP

  1. Create a map file for the TFTP server, that converts Windows-style paths (\\) to Linux paths (/):

    #touch /etc/tftpd.map

    Add the following line to /etc/tftpd.map:

    rg \\\\ /

  2. The configuration options for the TFTP server are stored in /etc/default/tftpd-hpa
    Modify the file to look like this:

    TFTP_USERNAME="root"
    TFTP_DIRECTORY="/srv/tftp"
    TFTP_ADDRESS="0.0.0.0:69"
    TFTP_OPTIONS="--secure --verbose -vvvv -m /etc/tftpd.map"

    NOTE: You should leave --verbose in TFTP_OPTIONS until you have confirmed that the setup is working. It will cause tftpd-hpa to log various useful messages to /var/log/syslog. Once everything is set up correctly you can remove this option to reduce log spam.

  3. Restart the TFTP service to apply the changes:

    # service tftpd-hpa restart

4. Configuring NFS

  1. To make the folder available for mounting over the network, add the following line to /etc/exports:

    /srv *(ro,nohide,insecure,no_root_squash,no_subtree_check)

  2. Restart the NFS daemon(s):

    # service nfs-kernel-server restart

5. Configuring DHCP

  1. Edit the /etc/dhcp/dhcpd.conf configuration file, based on this example:

    ddns-update-style none;
    default-lease-time 86400;
    max-lease-time 604800;
    option time-offset -18000;
    authoritative;
    log-facility local7;
    allow booting;
    allow bootp;

    option arch code 93 = unsigned integer 16;

    subnet 192.168.0.0 netmask 255.255.255.0 {
    get-lease-hostnames on;
    use-host-decl-names on;
    range 192.168.0.10 192.168.0.100;
    option routers 192.168.0.1;
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.0.255;
    option root-path "192.168.0.1:/srv/tftp";
    if option arch = 00:07 {
    filename "/EFI/BOOT/BOOTx64.EFI";
    } else {
    filename "/grub.pxe";
    }
    next-server 192.168.0.1;
    }

    NOTE:

    • Modify the domain-name and domain-name-servers options to match your network settings.
    • The allow booting and allow bootp commands are crucial to make PXE work and must be present regardless of how you decide to modify the configuration.
    • Modify the subnet and range definitions to match the desired configuration for your network.
    • Pay SPECIAL attention to the root-path option. For Rescue CD to properly boot over PXE, this option MUST be present and set with the IP of the NFS server and the mount point to which the Rescue CD files have been extracted to.
    • The filename option specifies the path on the TFTP server from which the PXE firmware will load the GRUB bootloader. In this configuration example, the TFTP and NFS servers both export the same root directory, but this is not strictly needed (you can have these set up in different locations).
  2. Once you have finished tweaking your DHCP configuration, restart the daemon:

    # service isc-dhcp-server restart

Related articles


Rate this article:

Submit