Are Antivirus Rescue Drives Obsolete?

BulldogX · Dec 10, 2023

For many years I've had a (Kaspersky) antivirus rescue utility on a USB flash drive. The idea is that you have something you can boot to that will (hopefully) remove malware when the malware has made your computer unbootable.

I have never needed to use it, fortunately, but just for the heck of it I decided to boot my computer from the flash drive to see what it does. Good idea that, since I discovered that the Kaspersky AV rescue utility doesn't work on my new computer. (Kaspersky knows about it, and won't do anything about it 'cause it's a free utility. But this is not about Kaspersky.)

Looking around for a replacement I realized that there are very few of these remaining. Most of the big names in antivirus software stopped updating the rescue drives. Thus my question:

Are antivirus rescue drives obsolete?

TBH, if my computer was hit by malware, I would probably restore a backup rather than try to rescue it. So maybe AV rescue drives really are obsolete.

SIW2 · Dec 10, 2023

mse ( aka defender offline ) works in my win7 pe

eset runs off usb stick when booted into win10/11 pe. Needs pe with 32 bit support and a bit of pescratch space to download definitions about 300mb.

plonk it on the usb stick and it will download the latest defintions when run

Free Online Virus Scanner and Malware Scanner | ESET

Scan and remove malware for free with the ESET Malware Scanner. Our online virus scanner checks for any type of virus and helps you remove it. Try it today

www.eset.com

CSharpDev · Dec 10, 2023

I don't think they are obsolete. If you have something like a rootkit, what else would you do?

Ghot · Dec 10, 2023

BulldogX said:
TBH, if my computer was hit by malware, I would probably restore a backup

That's the ticket. ^^

trumpy81 · Dec 10, 2023

In most cases, Anti-virus rescue disks/drives can be put to other uses like fault finding/fixing, so I doubt they would ever be labelled obsolete.

As already noted, restoring from backup is often the best solution.

glasskuter · Dec 10, 2023

Haven't used an offline scanner in years for anyone else. It's an automatic clean install as it's the only way of me guaranteeing they are 100% clean with all the zero day crap out in the wild these days. I've never been infected myself but if I ever was I'd be back in business in 15 minutes. That's the beauty of having a regular backup routine.

SIW2 · Dec 10, 2023

Win10 custom pe

It downloads the latest definitions here

BulldogX · Dec 11, 2023

Thanks for everyone's ideas. I have decided to forgo an AV rescue disk and rely instead on my backups.

Cybersecurity is a particular interest of mine, and I learned that a computer that has been compromised by malware can no longer be trusted, even if you are able to recover from the attack.

zebal · Dec 13, 2023

BulldogX said:
Thanks for everyone's ideas. I have decided to forgo an AV rescue disk and rely instead on my backups.

Cybersecurity is a particular interest of mine, and I learned that a computer that has been compromised by malware can no longer be trusted, even if you are able to recover from the attack.

The only way to regain trust in computer is to clean reload OS.
Don't trust anything else and you'll be much safer.