Unable to boot into Microsoft Windows due to Ransomware [ Wikipedia ] virus or Trojan? Sometimes we find ourselves in deep trouble when our system refuses to boot up, more often than not, this is due to viral infection and how do we go about cleaning the system without formatting when our system failed to boot, even in safe mode?
In situations like these, Rescue Disks become very useful. Today we’re going to talk about Free Rescue Disks available in the market. Basically what this Rescue Disk does is, it boots itself up before the system (Windows) in DOS and subsequently performs a system check for viruses and Trojans. And the winner is? Avira Rescue System, because the virus definition for its rescue system is updated on a daily basis, whereas the others virus definition for their Rescue System Disk are updated on a monthly basis.
The problem is, how do you remove these FBI warning viruses without formatting your computer because of all the important files in your C drive? Here is a complete list of Bootable USB and CD Antivirus rescue software for Microsoft Windows. It is a good idea to clone your entire disk before performing the rescue in the event that something goes wrong. Yesterday I received a comment from a reader in one of my previous posts and it said,
“Hello! I guess I have downloaded the virus version because since I have downloaded it I cannot turn my computer on anymore, it keeps telling me that there is a problem with a new software and that I should put my windows disc in and repair my computer. Does someone know what to do? Thanks!”
How does one go about fixing, repairing and rescuing unbootable windows without formatting? In situation like this, one can enter ‘safe mode’ during the loading of windows and remove the virus or trojan, however, there is a small percentage where the virus has infected all the important windows files required for a successful loading of ‘safe mode’, thus causing windows to restarting every time you load ‘safe mode’, to resolve this unbootable problem, you’ll need a bootable DOS Anti Virus. Here are the top 7 bootable antivirus:
Your Computer Has Been Locked Ransomware Threats!
- Reveton – A larger gang, using malware called Reveton, was detected attempting to infect 500,000 computers over a period of 18 days.
- FBI Moneypak virus / CryptoLocker Virus – This notorious scam illegally in name of FBI has derived to several variants including FBI Ransomware Moneypak virus, FBI Online Agent virus, FBI Black Screen of Death Virus, FBI Ultimate Game Card virus, etc.
- Metropolitan Police Ukash virus (PCeU ransomware) – This malware spreads in Europe, mainly in Britain. It is also called Police Central e-crime Unit virus PCeU virus and its ransomware family Urausy spread across the whole European continent in different images and languages depending on the geographically infected area.
- CryptoLocker.F / CryptoWall and TorrentLocker – The Trojans spread via fraudulent emails claiming to be failed parcel delivery notices from Australia Post; to evade detection by automatic email scanners that follow all links on a page to scan for malware, this variant was designed to require users to visit a web page and enter a CAPTCHA code before the payload is actually downloaded, preventing such automated processes from being able to scan the payload.
When Is It Necessary To Use Rescue Disc To Disinfect?
You can use the Rescue CD to scan your computer and quarantine harmful files. These free Bootable CD & USB Antivirus are able to remove crimeware that traditional virus scanning methods can’t. There are two main situations when you should use the Rescue CD:
- The computer no longer starts, as a harmful application has corrupted the operating system. In this case, you can use the Rescue CD to scan the computer and quarantine the application. This may allow the operating system to start properly again.
- If you suspect that a harmful application has compromised your security software. You can use the Rescue CD to check this, as it is independent of the operating system.
If the computer cannot be recovered, you can also use Rescue CD and a USB drive to save your important files. Note that if you copy data from the computer to the USB drive, this data may contain viruses or other harmful content. The Rescue CD cannot scan encrypted disks.
Panda Cloud Cleaner Rescue ISO is a tool which allows you to scan computers or VMWare images which, due to virus infections, will not start correctly. This disinfection tool included in the ISO is Panda Cloud Cleaner. Disinfection tool for computers that won’t boot! IMPORTANT! You must carry out the burning of the ISO image from a computer that is not infected with viruses or ransomware. Works great on Microsoft’s Windows 10 and Apple’s macOS.
↓ 02 – AVG Rescue CD
Keep your systems running smoothly with protection from AVG Rescue CD. This comprehensive toolkit repairs system crashes and returns systems to operating at full capacity. Complete recovery. Completely free. If malware gets past your security software, AVG Rescue CD can get your PC back up and running. AVG resellers have been using this same solution to recover their customers infected systems and now it’s available to your business, free of charge. It’s your system’s clean bill of health without the bill.
↓ 03 – Bitdefender Rescue CD
Bitdefender Rescue CD is a free tool that scans and cleans your computer whenever you suspect a malware threat is affecting its operation. Bitdefender Rescue CD works without loading the operating system and can be set up either on a CD/DVD or on a USB flash drive.
Because BitDefender Rescue CD is powered by Linux OS, it comes packed with tons of features, just like Avira’s own rescue system. The best thing in this rescue CD is, when you boot using this CD and connect to the Internet, it can update the virus definition.
↓ 04 – Comodo Rescue Disk
Boot your computer to Comodo Rescue Disk (CRD) and you can scan your entire system for viruses before Windows loads. Comodo Rescue Disk (CRD) is a bootable disk image that allows users to run virus scans in a pre-boot environment. It is a powerful virus, spyware and rootkit cleaner which works in both GUI and text mode. CRD can provide a more comprehensive and thorough scan than regular malware cleaning applications because it cleans your system before Windows is loaded.
- Boot disk that runs Comodo Cleaning Essentials virus scanner in a pre-boot environment
- Includes full AV scanning engine capable of removing rootkits embedded so deeply they cannot be removed with CCE for Windows
- Automatically downloads latest virus signatures prior to executing scan for maximum security
- Perfect for ensuring computers are totally clean of threats when troubleshooting problems or setting up a secure network of endpoints
- Also includes tools that allow you to explore files, take screenshots and browse the Internet
- No installation required – runs direct from USB or CD/DVD
↓ 05 – Dr.Web® LiveDisk
Emergency system repair from a CD/DVD disk or a bootable USB drive. If the activities of malicious programs have made it impossible for you to boot a computer running Windows, you can recover the affected system for free using Dr.Web LiveDisk! With Dr.Web LiveDisk you can not only clean your system of infected and suspicious files but also copy important information to removable media or another computer; Dr.Web LiveDisk also attempts to cure infected objects.
↓ 06 – Kaspersky Rescue Disk
Protection from viruses loading at startup. Kaspersky Rescue Disk is a free tool for disinfecting computers from malware which does not allow the operating system to start. Kaspersky Rescue Disk 10 is designed to scan and disinfect x86 and x64-compatible computers that have been infected. The application should be used when the infection is so severe that it is impossible to disinfect the computer using anti-virus applications or malware removal utilities (such as Kaspersky Virus Removal Tool) running under the operating system.
In this case, disinfection is more efficient because malware programs do not gain control when the operating system is being loaded. In the emergency repair mode, you can only start objects, scan tasks, update databases, roll back updates and view statistics. Kaspersky Rescue Disk 10 allows performing the following actions.
Configure objects scan settings:
- change security level
- change actions to be performed on detected objects
- create a scan scope
- change types of objects to be scanned
- limit scan time
- configure scan of compound files
- change a scan method
- set default settings
Configure databases update settings:
- select an update source
- specify proxy-server settings
- specify regional settings
- roll back to previous databases
Configure additional settings:
- select detection of specific threat types
- create a trusted zone
- configure notifications settings
- specify time of storing reports
- specify time of storing Quarantine and Backup objects
- Create a report on scan and update tasks.
- View statistics about applican’s functioning.
↓ 07 – Sophos Bootable Anti-Virus
If you have tried all other methods of removing a malware infection from your computer and you are still having problems, use the instructions below to download the Sophos Bootable Antivirus (SBAV) file and burn it to CD. The Sophos Bootable Antivirus (SBAV) tool allows you to scan and clean up a computer infected with malware without the need to load the infected operating system installed onto the local hard drive of a computer.
This is useful if the state of the computer’s normal operating system – when booted – prevents cleanup by other means, or the Master Boot Record (MBR) of the computer’s hard drive is infected.
Sometimes, malicious and other potentially unwanted software, including rootkits, try to install themselves on your PC. This can happen when you connect to the Internet or install some programs from a CD, DVD, or other media. Once on your PC, this software might run immediately, or it might run at unexpected times.
Windows Defender Offline can help remove such hard to find malicious and potentially unwanted programs using definitions that recognize threats. Definitions are files that provide an encyclopedia of potential software threats. Because new threats appear daily, it’s important to always have the most up-to-date definitions installed in Windows Defender Offline. Armed with definition files, Windows Defender Offline can detect malicious and potentially unwanted software, and then notify you of the risks.
The Norton Bootable Recovery Tool comes as an ISO image that you can use to create bootable rescue media on DVD or USB drive. Using this media, you can start the computer, scan and remove the threats that caused the problem. Norton Bootable Recovery Tool is a Rescue tool that is available for free to everyone.
You can use this tool to restore your computer to normal working mode when it is infected so deeply that it will not start. Norton Bootable Recovery Tool (NBRT) can also be used to scan and remediate threats should you face difficulty in installing or running Norton products due to a virus infection in your computer. You have to download the ISO image and create a bootable DVD or USB rescue media.
↓ 10 – G DATA BootMedium
The G DATA boot medium is a practical aid for detecting viruses that have already embedded themselves on your computer prior to installing the antivirus software. In the current version the boot medium is also capable of restoring all backups created with G DATA solutions (only available in the TOTAL PROTECTION solution). The download file is an ISO file, i.e. it must either be burnt to a CD/DVD or be mounted via a virtual drive so it can be used from a USB stick for example. You can download the boot medium in the “Tools” download area.
↓ 11 – HitmanPro.Kickstart
HitmanPro.Kickstart is the solution against police ransomware and other persistent malware that has taken your computer hostage or prevents normal computer use. When your PC has been infected with ransomware you see a message, supposedly from the police, FBI or other authorities, demanding that a fine must be paid in order to unlock the computer. Payment is done via prepaid cards from Ukash, MoneyPak or Paysafecard.
All you need to do is boot up your system with the help of the HitmanPro.Kickstart USB flash drive. The programs on the flash drive will make sure that you boot into your own familiar Windows environment and start HitmanPro there. All the required drivers for your devices and all wireless network passwords (who can remember them?) will be readily available. There is no need to become familiar with the tools of other operating systems, like for instance Linux.
↓ 12 – ESET SysRescue Live
ESET SysRescue Live is only intended as an on-demand scanning and removal tool to get rid of persistent threats. It is a malware cleaning tool that runs independent of the operating system from a CD, DVD, or a USB. It has direct access to the disk and the file system, and therefore is capable of removing the most persistent threats.
- ESET SysRescue Live is a malware cleaning tool that runs independent of the operating system from a CD, DVD, or a USB.
- It has direct access to the disk and the file system, and therefore is capable of removing the most persistent threats.
↓ 13 – Antivirus Live CD
Antivirus Live CD is a 4MLinux fork including the ClamAV scanner. It’s designed for users who need a lightweight live CD, which will help them to protect their computers against viruses. Both Ethernet (including Wi-Fi) and dial-up (including fast USB modems) Internet connections are supported to enable automatic updates of the virus signature database. All partitions are mounted automatically during boot so that they can be scanned by ClamAV.
↓ 14 – Panda SafeDisk
Panda SafeCD is a free utility to disinfect any Operating System. Simply burn into a CD or USB and boot your PC with Panda SafeCD to scan and disinfect your PC. This useful utility comes in handy when you need to clean a friend’s PC (or your own) from a malware infested state. It is specially useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.
↓ 15 – Avira Rescue System [ Discontinued ]
The Avira Rescue System is a product that is able to scan, repair and undo changes of a Windows system that malware might have done in particular to the registry. The new Rescue System is based on an adapted Ubuntu 12.04 LTS desktop system and runs on that platform as an independent application. Thus, it provides support for a broad range of hardware and drivers and should run on a large number of systems
available on the market or used by customers.
The Rescue System is a wizard-based product and therefore easy to use for any inexperienced consumer. The product also offers the possibility to scan and disinfect an operating system via the command line, unfortunately the repair option is not supported in this mode. Product features:
- Dash home – This option includes a repository of several applications and is divided into 4 main categories: Recent Apps, Installed Apps, Folders and Search Music Collection.
- The Avira Rescue System Wizard – The Wizard helps scanning the system for threats and repairs the system in case of damage.
- Contact Avira Support – If any problems occur during the repair and there is need for technical assistants do not hesitate to contact the support section of Avira.
- Start Teamviewer – This option helps to establish a remote desktop connection with an Avira expert
- Start Avira Registry Editor – The Avira Registry Editor allows you to modify registry keys and value data
- Firefox Web Browser – The implemented web browser helps you to get in contact with the internet
- Home Folder – Within this option you can explore the folders of your system
- GParted Partition Editor – The Partition Editor mounts your system partition and helps editing and modifying the partition
- Terminal – The integrated Terminal helps to restore manually renamed files in case of a mistaken detection
- System Settings – This option contains a repository for User and Hardware settings
↓ 16 – AOSS Malware Scanner [ Discontinued ]
Once a system is infected with malware it becomes difficult to remove that malware as it is already embedded in the system and has control over many components which are key to the system’s operations. Malware, like rootkits, use system components to hide themselves and prevent other software from detecting or removing them.
This is often the case of who gets there first; if the malware is able to get control of the system earlier on then it also has control over any software that may be run later. Besides just hiding, malware can also block the execution of other security applications. If you cannot install or run a security application in the first place then you cannot scan and detect the malware.
The best time to remove this malware is when it is not running, but malware often starts with the Operating System, so we would have to stop the Operating System to stop the malware. On a shutdown OS nothing is running and malware like rootkits cannot hide themselves and so it would be easy to find and remove them.
↓ 17 – Trend Micro Rescue Disk [ Discontinued ]
Trend Micro Rescue Disk allows you to use a CD, DVD, or USB drive to examine your computer without launching Microsoft Windows. It finds and removes persistent or difficult-to-clean security threats that can lurk deep within your operating system.
Rescue Disk does not need to load potentially-infected system files into memory before trying to remove them. It can scan hidden files, system drivers, and the Master Boot Record (MBR) of your computer’s hard drive without disturbing the operating system.
↓ 18 – Zillya! LiveCD [ Discontinued ]
Zillya! LiveCD is recommended for those who have damaged or unbootable Windows on the computer. With this disk, you can restore the normal operating of a Windows system, damaged due to virus attack.
↓ 19 – F-Secure Rescue CD [ Discontinued ]
Boot and investigate an unresponsive PC. F-Secure Rescue CD contains the Knoppix derivative of the Linux operating system, which can run completely from a CD and allows access to your PC’s operating system and hard disks. Use Rescue CD to boot up a PC you suspect has been infected, or has had its security software compromised. Note that it cannot scan encrypted disks. Once booted, you can check the installed programs and perform more advanced repair and data recovery operations.
- Update the virus definition if an Internet connection is available.
- Rescue CD will by default scan, all hard drives in the computer, all USB drives attached to the computer, Windows FAT and NTFS drives
- Virus definition databases are updated automatically if the computer has an internet connection
- Virus definition databases can be updated manually by using a USB drive
- The Rescue CD Guide (pdf) has step by step instructions how to use the CD
↓ 20 – Anvi Rescue Disk [ Discontinued ]
Rescue your computer from evil claws of nasty ransomware, boot-sector virus. Anvi Rescue Disk was designed to be used when standard antivirus software fail to detect and clean various computer infections, especially boot-sector viruses like ransomware. The Anvi Rescue ISO image, Rescue.iso, can be burned on a CD/DVD or a bootable USB device using your disc burner to launch the infected computer from there to troubleshoot.
↓ 21 – Trinity Rescue Kit [ Discontinued ]
Trinity Rescue Kit or TRK is a free live Linux distribution that aims specifically at recovery and repair operations on Windows machines, but is equally usable for Linux recovery issues. Since version 3.4 it has an easy to use scrollable text menu that allows anyone who masters a keyboard and some English to perform maintenance and repair on a computer, ranging from password resetting over disk cleanup to virus scanning