Create a Virus Rescue CD
To create a virus rescue CD you will need:1. An internet connection to download the files.
2. An uninfected computer to download files onto.
3. You will need a blank CD or DVD. Sometimes you can use a USB flash drive but make sure the infected computer has a usb port.
The virus rescue Cd files are free to download at websites all over the interenet. Here is a list of some the the best rescue scanners to download:
http://support.kaspersky.com/viruses/rescuedisk?level=2#downloads
http://support.kaspersky.com/viruses/disinfection/5350
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
http://www.bitdefender.com.au/support/How-to-create-a-BitDefender-Rescue-CD-627.html
http://www.avira.com/en/download/product/avira-rescue-system
http://www.avg.com/us-en/avg-rescue-cd-download
http://public.avast.com/~gmerek/aswMBR.htm
Not every rescue scanner will pickup all files so I suggest you try at least two of these downloads.
How To Write the Files To a USB Drive
Taken directly from the Kaspersky Rescue Disc ManualTo write a Kaspersky Rescue Disk image to a removable media:
1. Load the Kaspersky Rescue Disk .iso image from the Kaspersky Lab server.
2. Create a folder with the rescue name on your removable drive.
3. Copy the rescue.iso image to your removable drive (<Removable drive>:\rescue) and rename it to
rescueusb.iso.
4. Open the rescueusb.iso image with any .iso image editors (for instance, UltraISO).
5. Copy the following files to your removable drive (<Removable drive>:\rescue) from the rescueusb.iso image:
- README.txt.
- the help folder.
liveusb before copying).
7. Modify the boot_from_hard.cfg content, located in the iso image under the following path: boot \ grub \ cfg.
To do this, select the file and right-click it to open the menu and select the Open with option. In the window that
opens, select the Select an application from the list manually option. Click the OK button. Select the
Notepad application and click the OK button. In the file that opens, replace root (hd0) with root (hd1). Save
changes.
8. Delete everything, except the boot folder, from the rescueusb.iso image. Save changes.
9. Copy the original rescue.iso image to <Removable drive>:\rescue. Now you have two .iso images on the
removable drive: rescueusb.iso and rescue.iso.
Rescueusb.iso is used only for loading grub2 and booting Linux.
10. Click the http://nufans.net/grub4dos/grub4dos-0.4.4-2009-10-16.zip link to download an archive. Unpack it to the
corresponding folder. Open the unpacked folder.
11. Copy the following files from the specified folder to the root of your removable drive:
- grldr.
- menu.lst.
Modify the menu.lst content. To do this, select the file and right-click it to open the menu and select the
Open with option. In the window that opens, select the Select an application from the list manually
option. Click the OK button. Select the Notepad application and click the OK button. Replace all the file
content with the following expression, following the syntax strictly:
map (hd0,0)/rescue/rescueusb.iso (0xff) || map –mem
(hd0,0)/rescue/rescueusb.iso (0xff)
map –hook
chainloader (0xff)
Save changes.
12. Obtain the number assigned to your removable disk.Open with option. In the window that opens, select the Select an application from the list manually
option. Click the OK button. Select the Notepad application and click the OK button. Replace all the file
content with the following expression, following the syntax strictly:
map (hd0,0)/rescue/rescueusb.iso (0xff) || map –mem
(hd0,0)/rescue/rescueusb.iso (0xff)
map –hook
chainloader (0xff)
Save changes.
To do this, in the task pane of your operating system select Start Control Panel Administrative Tools
Computer management. In the window that opens, select Disk Management from the drop-down list. In the
right part of the window a list of connected drives will open. Select your removable drive and remember its
number.
13. Use the http://download.gna.org/grubutil/grubinst-1.1-bin-w32-2008-01-01.zip link to download an archive.
14. Open the command line. To do this, in the task pane of your operating system select the Start Run and in
the Open field enter cmd.
15. In the command line enter “Path to the downloaded archive\grubinst.exe” (hdN), where N is your disk
number.
Creating An Updated Virus Rescue CD
Because new viruses are created daily, you need to download the files for a virus rescue CD when you need them, not 6 months in advance.How To Use Your Bootable CD or USB
1. To use the bootable USB simply plug in the USB to the infected computer and and then start the computer.2. When the computer is booting, enter the BIOS to change settings of the boot order. You want the computer to boot to the USB first and not the main hard drive. If you want to boot to a CD then choose this instead.
3. To enter the BIOS you will need to press F8, F12, F10 or ESC key very quickly when booting up. Which key you use depends on your BIOS software on your computer.
Once the computer boots to the bootable virus rescue USB stick or CD you will be able to scan the computer for viruses. As stated above, you might need to try a few different ones to get all the malware and viruses off your computer.
The reason we boot to the virus rescue media first is so the virus does not have a chance to load. They usually rely on the operating system to be loaded to reek their havoc.
No comments:
Post a Comment