1

USING BOOTABLE RESCUE

DISKS TO REMOVE MALWARE

FROM A "WINDOWS.."

COMPUTER

2

Web location for this

presentation:

http://aztcs.orgClick on

“Meeting Notes”

3

SUMMARYWhen your "Windows.." computer

gets infected with malware, you

can use various free bootable

"rescue disks" to remove the

infection. For the more virulent

ransomware infections, the

"rescue disks" are the only method

for rescuing your computer.

4

TOPICSo Configuring your "Windows.."

computer

(so that bootable CDs/DVDs/USB

flash drives can boot it up)

o Using the free "ImgBurn" program

(to create bootable CDs/DVDs if

you are running "Windows 7" or

"Windows Vista")

5

TOPICS (continued)

o Technical advice on various free

"rescue disks"

6

CONFIGURING YOUR "WINDOWS.."

COMPUTER

o To use various free rescue

CDs/DVDs/USB flash drives, you

have to configure the BIOS or UEFI

of your "Windows.." computer so that

it will boot up from one of these

devices.

See

http://aztcs.org/meeting_notes/winha

rdsig/BIOStoUEFI/BIOStoUEFI.pdf

7

USING THE FREE "IMGBURN" PROGRAM

o If you have a "Windows XP", or a

"Windows Vista", or a "Windows 7"

computer,

ImgBurn is a great free software

application for burning and copying

DVDs and CDs.

It can also create *.iso image files of

actual CDs, DVDs, and any files/folders

on a hard drive.

8

USING THE FREE "IMGBURN"

PROGRAM (continued)

o You can get ImgBurn at

http://www.imgburn.com/

9

USING THE FREE "IMGBURN" PROGRAM

o If you have a "Windows 8" or a

"Windows 8.1" or a "Windows 10"

computer, you do not need

"ImgBurn" for burning CDs and

DVDs from .ISO files.

However, "ImgBurn" is still handy for

making .ISO files from CDs and

DVDs.

10

1. "BITDEFENDER RESCUE CD"

o Usually works with

UEFI with Secure Boot enabled

(If it does not, disable Secure Boot)

o Works with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support Module

(CSM) enabled

o Works with

BIOS

11

1. "BITDEFENDER RESCUE CD"

(continued)

o Go to

http://www.bitdefender.com/support/h

ow-to-create-a-bitdefender-rescue-

cd-627.html

o Download

bitdefender-rescue-cd.iso

12

13

2. "AVIRA RESCUE CD"o Does not work with

UEFI with Secure Boot enabled

so you must disable "Secure Boot" if

"Secure Boot" is enabled

o Works with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support Module

(CSM) enabled

o Works with

BIOS

14

2. "AVIRA RESCUE CD" (continued)

o Go to

http://www.avira.com/en/download/pr

oduct/avira-rescue-system

o Download

rescue-system.iso

15

3. "NORMAN RESCUE DISK"

o Usually works with

UEFI with Secure Boot enabled

(If it does not, disable Secure Boot)

o Works with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support Module

(CSM) enabled

o Works with

BIOS

16

3. "NORMAN RESCUE DISK" (continued)

o Go to

https://www.norman.com/us/norman_

rescue_disk

o Download

norman_rescue_disk.iso

after giving them an email address

17

4. "KASPERSKY RESCUE DISK"

o Does not work with

UEFI with Secure Boot enabled

o Does not work with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support

Module (CSM) enabled

o Works with

BIOS

18

4. "KASPERSKY RESCUE DISK"

(continued)

o Go to

http://support.kaspersky.com/4162

o Download

kav_rescue_10.iso

19

5. "PANDA SAFEDISK"

o Does not work with

UEFI with Secure Boot enabled

o Does not work with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support

Module (CSM) enabled

o Works with

BIOS

20

5. "PANDA SAFEDISK" (continued)

o Go to

http://www.pandasecurity.com/usa/ho

meusers/support/card/?id=80152

o Download

PandaSafeCD.iso

21

6. "AVG RESCUE CD"

o Does not work with

UEFI with Secure Boot enabled

o Does not work with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support

Module (CSM) enabled

o Works with

BIOS

22

6. "AVG RESCUE CD" (continued)

o Go to

http://www.avg.com/us-en/avg-

rescue-cd

o Download

avg_arl_cdi_all_120_150511a9757

.iso

23

7. "COMODO RESCUE DISK"

o Does not work with

UEFI with Secure Boot enabled

o Does not work with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support

Module (CSM) enabled

o Works with

BIOS

24

7. "COMODO RESCUE DISK" (continued)

o Go to

https://www.comodo.com/business-

security/network-protection/rescue-

disk.php

o Download

comodo_rescue_disk_xxxxxxx.x.iso

25

8. F-SECURE "RESCUE CD"

o Does not work with

UEFI with Secure Boot enabled

o Does not work with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support

Module (CSM) enabled

o Works with

BIOS

26

8. F-SECURE "RESCUE CD" (continued)

o Go to

https://www.f-

secure.com/en/web/labs_global/resc

ue-cd

o Download

rescue-cd-3.16-73600.iso

27

9. "ANVI RESCUE DISK"

o Does not work with

UEFI with Secure Boot enabled

o Does not work with

UEFI with Secure Boot disabled

o Works with

UEFI with Compatibility Support

Module (CSM) enabled

o Works with

BIOS

28

9. "NORTON BOOTABLE RECOVERY

TOOL" (continued)

o Go to

o https://security.symantec.com/nbrt/nb

rt.aspx

o Download

NBRT.iso

29

ADDITIONAL INFORMATION

o Avast only lets you make a bootable

rescue CD if you purchase and install the

not-free version of "Avast.."

o eScan's "eSCAN Rescue Disk" booted

up but it then failed to operate

o McAfee does not have a free bootable

rescue CD

o Vipre offers a portable scanning app but

they do not offer a bootable rescue CD