Removing Viruses from a PC That Won’t Boot

One of the more common questions I hear from readers with computer virus infections is, “How do I get rid of a virus if I can’t even boot up into Windows to run an anti-virus scan?” Fortunately, there are a number of free, relatively easy-to-use tools that can help on this front.

The tools in this review are known as a “rescue CDs.” These are all free, Linux-based operating systems that one can download and burn to a CD-Rom. Once you’ve configured your PC to boot from the CD you’ve just burned, you can use the CD to scan your hard drive, and — depending on the type of rescue CD you choose — even copy files to a removable drive.

I have recommended more full-fledged versions of these rescue CDs (also known as “Live CDs) as a way for small businesses to protect their online banking sessions from malicious software, the lion’s share of which simply fail to run on non-Windows-based operating systems. But several anti-virus companies also offer slimmed-down Linux-based rescue CDs that can be extremely handy in getting rid of a persistent malware infection, or just for getting a second opinion (or third or fourth) about the state of your system.

Before I go any further, let me just state for the record that I don’t believe there is any substitute for having known good, solid backups of your data and your entire hard drive to restore to in case things go south. I also urge users to segment their systems so that important data files are on a separate chunk of hard drive space than the Windows operating system, which tends to make restoring backups a far simpler affair. I’ll post a separate tutorial on setting up a good backup plan soon. For now, though, I want to introduce readers to these simple tools.

Just one housekeeping note before I get started: If you want to run a rescue CD on a laptop, you’ll need to plug the notebook into a router or other Internet connection via a networking cable. The reason is that the first thing you’ll need to do when you boot into the rescue CD is update the program’s anti-virus definitions, and that requires a working Internet connection. I don’t believe any of these tools support wireless networking, but in any case setting that up is far beyond the scope and ambition of this brief how-to.

Grab the CD image

Several anti-virus vendors offer burnable rescue CDs that are based on Linux, including:

AVG Rescue

Avira Rescue

BitDefender Rescue

Dr. Web Rescue

F-Secure Rescue

Kaspersky Rescue

Panda Rescue

Burn the image to a CD or DVD

After you’ve download the file, burn the image to CD-Rom or DVD. If you don’t know how to burn an image file to CD or don’t know whether you have a program to do so, download something like Ashampoo Burning Studio Free. Once you’ve installed it, start the program and select “create/burn disc images,” and then “burn ISO.” Locate the .iso file you just downloaded, and follow the prompts to burn the image to the disc.

Incidentally, if your computer is a netbook and doesn’t have a CD-Rom drive — or if you’d just prefer to boot the rescue disc from a USB drive — you can create a bootable USB/flash drive using the same .iso image by downloading and running this free tool here.

Set your PC to boot from the CD

When the burn is complete, just keep the disc in the drive. We next need to make sure that the computer knows to look to the CD drive first for a bootable operating system before it checks the hard drive, otherwise this rescue will never be recognized by the computer. When you start up your PC, take note of the text that flashes on the screen, and look for something that says “Press [some key] to enter setup” or “Press [some key] to enter startup.” Usually, the key you want will be F2, or the Delete or Escape (Esc) key.

When you figure out what key you need to press, press it repeatedly until the system BIOS screen is displayed. Your mouse will not work here, so you’ll need to rely on your keyboard. Look at the menu options at the top of the screen, and you should notice a menu named “Boot”. Hit the “right arrow” key until you’ve reached that screen listing your bootable devices. What you want to do here is move the CD-Rom/DVD Drive to the top of the list. Do this by selecting the down-arrow key until the CD-Rom option is highlighted, and the press the “+” key on your keyboard until the CD-Rom option is at the top. Then hit the F10 key, and confirm “yes” when asked if you want to save changes and exit, and the computer should reboot. If you’d done this step correctly, the computer should detect the CD image you just burned as a bootable operating system. [Unless you know what you’re doing here, it’s important not to make any other changes in the BIOS settings. If you accidentally do make a change that you want to undo, hit F10, and select the option “Exit without saving changes.” The computer will reboot, and you can try this step again.]

Note that if you chose above to create a bootable USB drive instead of a rescue CD, you will need to tell your BIOS to select the USB drive as the primary startup target.

Scan and remove any found malware

Some of the free rescue CDs above are more intuitive and user-friendly than others. Of them all, I thought Kaspersky and BitDefender offered the easiest to use and probably the most newbie-friendly interfaces. Both boot into a desktop-like environment that may be more familiar to Windows users. In addition, they each offer an Explorer-like window that allows users to examine files on the Windows hard disk. BitDefender’s rescue CD was the only one I tried that had a copy of the Firefox Web browser built into it. It also includes a point-and-click program that checks for common rootkits, tools often planted on hacked machines to hide the presence of malicious software.

If you have a secondary USB drive connected to the machine, you may even be able to use either the Kaspersky or BitDefender rescue CDs to copy files over to the external drive, although moving files from a damaged hard drive to a backup drive is probably best accomplished with an all-purpose type of Live CD, such as Ubuntu or Knoppix, which generally have better support for removable drives.

It is safe to power off the PC when you’re done with these rescue CDs. Just make sure to remove the CD before you try to boot up again into Windows, otherwise the computer will boot back into the rescue CD.

Оставьте комментарий