Security vendors know that their antivirus software can’t forever protect users. New viruses and other malware regularly appear in the wild that employs new techniques to bypass antivirus protections and defend themselves from removal attempts. If ever such an elusive, sophisticated malware infects your computer, you may have to resort to using an antivirus rescue disk.
What Is an Antivirus Rescue Disk?
An antivirus rescue disk is a bootable utility that you use to scan for malware. It runs independent of Windows and allows you to disinfect computers that cannot start normally.
Why Should You Use an Antivirus Rescue Disk?
Most of the time, you can remove malware infections by performing a full system scan on your primary antivirus software. Unfortunately, there are rootkits and advanced forms of malware that are hard to clean via the usual methods. They can be particularly persistent in that they cannot be completely removed within Windows (even in Safe Mode). Some malware can activate during the initial boot sequence and then hide completely; you cannot find and end processes of such malware from the task manager. Many forms of malware are even designed to attack your antivirus, render it useless and stop your attempts to install other security software.
You must strike where malware is weak—outside Windows. A rescue disk typically boots into a different operating system, most likely based on Linux, where malware strains that target Windows cannot activate and are ineffective. It, therefore, is where you have the best chance of successfully removing these malware strains.
Simply put, an antivirus rescue disk is what you use when your existing antivirus has allowed malware to slip past its defenses. A rescue disk is also a must-have tool for when you can no longer boot into Windows because of malware.
How Do You Use an Antivirus Rescue Disk?
First, choose and download a rescue disk from a reputable security vendor. We’ve listed a couple of choices down below. Some vendors provide them for free, but others require you to enter the license key of your paid subscription before they give you the download links. It’s best that you download a rescue disk using another computer, one that’s clean of malware.
The rescue disk of your choice is likely in an ISO file format, which means you must burn it to a CD or DVD using an image burning application. Alternately, you can use a formatting utility to transfer the contents of the ISO file to a USB flash drive and make the USB flash drive bootable. Once again, transferring the contents of the ISO file to your preferred removable media is best done on a clean computer. Some antivirus vendors include necessary utilities to create a rescue disk on a USB flash drive or DVD, which means you need not find and install an image burning application anymore.
If you’re not sure how to create a rescue disk on a CD, DVD or USB, check the security vendor’s online guides for specific instructions.
At this point, you should already have a rescue disk prepared. Insert your rescue disk to the infected computer. Reboot the computer. Your computer should automatically boot from the rescue disk instead of Windows. If not, go to the boot menu, and select the option to boot from the removable media that you’ve used to create your rescue disk. Typically, you can access the boot menu by press the ESC, F2, F8, F10 or F12 key during the Power-On Self-Test (POST) phase of the boot sequence.
Once you’re in the secured, operating environment of the rescue disk, begin scanning for malware. Always opt for a full system scan so that every nook and cranny of your computer is examined. Only do a custom scan if you specifically know where the infection is. If you are given options, always choose to clean and repair infected files. Doing so attempts to remove malware while keeping the files intact. If you must remove or quarantine an infected file, make sure that it’s not a system file that’s necessary for Windows to boot and work properly.
If the rescue disk fails to remove the malware problem, consider using a rescue disk from another security vendor. Many rescue disks often do partial cleanup only, which means you should run a subsequent full system scan using your regular antivirus when you’ve successfully booted back to Windows.
What Are Some Good Antivirus Rescue Disks?
Features vary between rescue disks. Depending on your needs, you should choose a rescue disk that allows you to choose a scanning option: quick scan, full system scan or custom scan. You might also be interested in rescue disks that can repair registry issues, scan startup entries and recover deleted files. If you don’t like to navigate using text only, you should choose a rescue disk that features a graphical user interface.
For it to be effective, a rescue disk must be able to go online and automatically check for the latest updates. A rescue disk with outdated virus definition files can’t be of much help when you’re dealing with a recently discovered piece of malware.