Modern-day cybercriminals aren’t ignoring Linux-based operating systems. Recently, we published a series of posts about malicious code in the open source set of utilities XZ Utils, which managed to find its way into several popular Linux builds; wrote about a Linux implant for the DinodasRAT malware — also known as XDealer; and warned about a backdoor in the Trojanized version of Free Download Manager. Despite all this, the myth that Linux is mostly immune to cyberthreats persists: companies rarely devote funds to protecting machines running this operating system. Therefore, we’ve released a dedicated free product that allows you to check Linux computers for modern threats — Kaspersky Virus Removal Tool (KVRT) for Linux.
What is Kaspersky Virus Removal Tool for Linux and what does it do?
KVRT for Linux can’t monitor attacks on your computer or server in real time — it’s a free application for scanning computers running a Linux-based OS and cleaning them of detected threats. It can detect both malware and adware, as well as legitimate programs that can be used for attacks.
Using KVRT for Linux you can scan 64-bit operating systems for x86_64 architecture. The list of distributions on which the application is guaranteed to work is listed here; however, if the system you’re using isn’t on the list, it’s still worth trying — there’s still a good chance it will work. Our application can scan system memory, startup objects, boot sectors, and all files in the operating system for known malware. It scans files of all formats — including archived ones.
How to use KVRT for Linux
Let’s start with the fact that KVRT for Linux doesn’t have an automated antivirus-database updating mechanism. If you want our product to be able to recognize the latest threats, you’d need to download the fresh version of the program from our website each time. The package hosted there is updated several times a day.
The application can be run via graphical interface or via a command line. But you can only run it manually — it’s impossible to set up a scheduled scan.
The distribution is provided as a portable application, so it doesn’t require installation. However, it must be granted execute permission before use. To ensure that the application has access rights to system memory, boot sectors and other important areas, and can also cure or remove detected threats, it’s recommended to run it under a superuser account (root). However, KVRT for Linux can also work under a regular user account, but in this case its functionality may be limited. You can read more about how to launch the application and give it the necessary rights on our technical support website. In general, there you can find all the information you may need to use KVRT.