Skip to main content

Brighter Computer Solutions

Home & Business Computer Services

Home
About Us
Contact Us
Site Map
Member Login
Home Services
Business Services
Free Helpful Essentials
Virus Alerts
Product Reviews
How To Articles
Make Windows Safer
Use A Rescue CD
Video Watermarks
Memory Problems
News and Events
Custom Utilities
How To: Choose and Use an Antivirus Rescue CD
 
Have a virus that seems impossible to remove?
Have virus symptoms but no apparent infection?
An antivirus rescue CD avoids the problems of viruses that embed themselves into Windows drivers, prevent the computer from booting into safe-mode, or blue screen every time they are tampered with. It is also one of the few methods for definatively removing rootkits.
One problem that I have noted in my experience is that rescue environments do not like CD-RW disks, so be sure to use a fresh CD-R every time.

Choosing a Rescue CD

The most important factor in choosing a rescue CD is your comfort level and familiarity. If you aren't familiar with Linux or aren't comfortable using a command line interface, that can help to narrow down the list of available rescue systems.
 
Most modern antivirus suites score very well in terms of detection rates, and there are few barriers to removal when the virus cannot run or prevent other programs from operating.


Avira Antivir Rescue System

A Linux based rescue system.
Excellent detection rates and heuristics.
 
This particular system is best suited for those more familiar with Linux and the command line. Though it includes a graphical user interface which is loaded automatically, it may be unstable and freeze the computer. This does no damage, and the command line can be accessed by pressing Control-Alt-Backspace. The scan can be tailored to your needs by turning the heuristics on or off, setting scanner categories (including games) and the action to perform when an infection is detected.


Kaspersky Labs Rescue CD
A Linux based rescue system.
Excellent detection rates and heuristics.
 
This particular system is good for nearly anyone. Although it is Linux based, drive letters are mapped as they would be in Windows. The graphical user interface is clean and friendly, and the command line interface is an accessible Midnight Commander type application with straight forward options for setting up a scan. The scan can be customized, and there is an option to prompt for action with every detection, something that Avira doesn't do.

Norton Symantec Rescue Disk

A Windows PE based rescue system.
Good detection rates.
 
This particular system is best suited for those comfortable with only Windows. The graphical user interface looks very similar to other Norton/Symantec products, though there are very few options for the scanner. This scanner does not detect some viruses that the other rescue disks or even the full version of Norton Antivirus does. The scanner will prompt for action with each detection when the scan has finished. This cannot be changed. Unfortunately, unlike the Kaspersy or Avira offerings, this disk can only be created by those who own a Norton/Symantec product that includes it.
 
Which Disk?

For ease of use and detection rates, I choose the Kaspersky rescue disk. As noted in the full review, there are some systems that the Kaspersky disk will not boot. This includes some Dell Inspiron series laptops and desktops. For systems where the Kaspersky disk will not boot, Avira somtimes does though in general the Avira disk is less flexible.
 
For systems where neither of the Linux environments will boot, the Symantec rescue disk is nearly guaranteed to work (since it is Windows based) though few viruses will be detected and removed without up to date definitions from another computer running Norton Antivirus since there is no built in definitions update feature like the Linux disks.
The major benefit of the Windows PE environment over the Linux based recovery disks is that the Windows command line and other common windows tools (like registry editor) are available to repair non-bootable Windows installations. I have used these features to repair modified shell and userinit registry entries and restore deleted safemode registry keys.
Some users may be familiar with BartPE and other Windows PE environments, but I did not include them here since the amount of effort to create and configure the disk is greater than that of these boot disks and the utilities are often sub-par compared to the ones listed here.