Kaspersky Rescue Disk 10
A bad malware infection will ruin your day. A really bad malware infection will ruin your day and hack your OS, making it nearly impossible to remove conventionally. Luckily there are numerous free software tools you can use to try to clean up a badly infected system, potentially saving you the data loss involved in a full, scorched earth reformat and reinstall. Today, we'll take a look at Kaspersky Lab's Rescue Disk 10, a free live disk tool that comes with Kaspersky's security software.
Getting Rescue Disk 10
Kaspersky Rescue Disk 10 is a free live disk utility that you can use to bypass a badly infected operating system, booting its own clean, stripped down OS and allowing you to run the Kaspersky antivirus software unmolested by malware. Rescue Disk is available for download as an .iso image file which you can burn onto a CD, DVD, or USB thumb drive.
Burning the Image
After downloading the image file (kav_rescue_10.iso), the first thing you'll need to do is to burn the image onto a disk using any of a number of programs such as Nero, Free ISO Burner, PowerISO, or the Windows Disc Image Burner that comes with Windows 7. The .iso file itself is under 300 MB, so you don't need to waste a DVD or BD if you have a blank CD handy.
Making a USB Rescue Disk
An alternative to using a CD or DVD is to mount the Rescue Disk 10 .iso file onto a USB thumb drive. Kaspersky provides a utility to let you do just that. Download the USB Rescue Disk Maker along with the .iso, run the utility, and select a USB stick that you want to turn into a Rescue Disk.
Getting Ready to Boot
Once you've got your Rescue CD or USB drive ready, plug the disk or drive in, restart your computer, and then configure your BIOS to change the boot order from your hard disk to the rescue disk. Save the new boot order and exit the BIOS so that you can now boot the Rescue Disk.
The Boot Menu
Once booted, Kaspersky Rescue Disk 10 will prompt you to select a language and confront you with a EULA wall of legalese. Once you agree to the EULA, you'll be confronted with this boot menu. Select the "Graphic Mode" option to boot Rescue Disk with a GUI, or if that doesn't work, use the clunkier text mode. You can also view hardware info about your machine, reboot, or shut down.
Graphic Mode will provide you with a generic GUI. You can then run the Kaspersky Rescue Disk's antivirus scan through the start menu at the bottom left, or by simply doubleclicking the icon on screen.
Updating the Database
Once the Rescue Disk's AV suite is up, the first thing you'll need to do is update the virus definitions. Click on the "My Update Center" tab to start the update. The Rescue Disk should autodetect your internet connection and the go from there, but if you need to set up your network connection, then you can configure it from the netwoork connections icon in the bottom right of your taskbar. Once the update is done, click the "Settings" button on the upper right of the window for the next step.
Configuring Objects Scan
Now we need to configure the thoroughness of the antivirus sweep. If you're not particularly tech-oriented, simply use the slider option ("Moderate" or "High" settings are recommended for thoroughness' sake), while more adept users can fine tune how Rescue Disk deals with the threats it encounters here. As a general rule, the more thorough the scan, the longer it will take to run. But if your system is badly hosed anyway, you probably don't want to take half measures. Once you're done with these settings, click OK, and then we'll be ready to go.
With the scan settings now configured, all you need to do is select the drives and objects you want to scan and then click the start button. Sit back, have a coffee, snack, or fizzy drink, and then take a break as Rescue Disk runs the virus scan. Depending on the size and number of your disk drives, this might take quite a while.
Checking Reports & Quarantine
Once the scan is complete, you'll need to respond to any prompts or alerts that the AV scan will give you on suspicious items. Clean what can be disinfected, and if not, then have suspect objects moved to quarantine. With the antivirus scan done, you should have rounded up a good chunk of malware infecting your system. From here, you should be able to shut down and then boot back with your regular OS to assess and repair damage done to your system.
After this we'll take a look at a few of the nifty extra features available in Rescue Disk 10 that may come in handy.
Extras: Registry Editor
Rescue Disk 10 comes with a Registry Editor that you can use to edit your system registry. It can be useful if you know exactly what you're doing, but as usual when editing your registry, be ridiculously careful as you may do more damage than good.
Kaspersky Rescue Disk 10 comes with the Konqueror browser that will allow you to surf the internet, allowing you to look up advice and information about any threats found while scanning your drives. This can be mighty handy if you're unsure of how to handle a threat.
Extras: File Manager
Finally, Rescue Disk also comes with a file manager system that should allow you to do basic file management operations on your drives for moving critical files, backing up data, etc.
For more information, you can download the Kaspersky Rescue Disk manual, or look up Kaspersky Rescue Disk 10 on Kaspersky Lab's support portal.
Do you have other favorite live disk anti-malware suites? Tips, tricks, or horror stories? You can share them in the comments section below!