The Anti-virus Times

Friday, August 18, 2023

We have already written in one of our previous Anti-virus Times issues about the free Dr.Web CureIt! utility. This effective and reliable tool for curing devices running Windows has deservedly gained users’ trust and is familiar to almost everyone who has ever encountered virus threats. Before we get to the topic of this issue, we will add to our previous story about Dr.Web CureIt! — especially since the "digital emergency aid kit" is closely related to the utility.

Dr.Web CureIt! incorporates many tools for bypassing the blocking of its operation by malware on an infected computer. Its scanner is also equipped with a unique anti-bootkit driver that can detect even carefully disguised threats on hard drives, without relying on the capabilities of the operating system. In addition, it is actively used by our developers as a platform for testing new threat countermeasures and curing methods not yet included in the main Dr.Web products. Thus, this utility is free and does not require installation; it is able to find and neutralise most of the world's complex threats: rootkits, bootkits, UEFI implants, and even APT threats. By the way, the paid version of the utility has another important difference: it can be run in command mode, which means it can be used in various tasks and scenarios for automation.

So that's what it is — the small but functional Dr.Web CureIt! But in today's issue, we want to tell you about another tool from Doctor Web's arsenal of free products. We are going to talk about Dr.Web LiveDisk. This is a tool for restoring a non-operational system affected by malware. Many of our readers probably know that Dr.Web LiveDisk has a built-in anti-virus scanner called CureIt! So, these products can be considered related — both detect and neutralise virus threats and are designed to restore a device’s device system. At the same time, Dr.Web LiveDisk is a more comprehensive solution; it is distinguished by its ability to cure a computer whose operating system fails to boot. Let's take a closer look at this useful program.

Like CureIt!, Dr.Web LiveDisk appeared quite a long time ago. Many users remember it as Dr.Web LiveCD. The program immediately gained great popularity among system administrators and computer repair engineers — it became a real digital emergency aid kit. In skilled hands, Dr.Web LiveDisk not only neutralises malware and restores a system's operation but also helps save user data, which in such cases is always priority number one. The absence of comprehensive anti-virus protection on a computer, neglecting to make backups, and downloading dubious software from a local network or the Internet are the typical scenarios when Windows "sends its warmest greetings" to the user and fails to boot.

Of course, malware can cause a complete failure of the main operating system. In this case, it is impossible to install an ordinary anti-virus or another program; nor can valuable data be copied. Removing the entire hard drive and installing it on another computer for curing is inconvenient and risky to a certain extent. You need a ready-made, secure, and functional environment that allows you to restore Windows to its operational state. And, of course, this environment should be easily deployed and be independent from the main system. Our free product Dr.Web LiveDisk is based on this principle.

Dr.Web LiveDisk is a program that is recorded on a removable media and is a Linux-based operating system with a set of utilities for restoring Windows’ functionality. Simply put, this is a service OS located on a "flash drive" that can help you eliminate the consequences of an infection. As noted above, Dr.Web LiveDisk incorporates the Dr.Web CureIt! anti-virus scanner, which detects and neutralises threats on a scanned computer. In addition to the scanner, Dr.Web LiveDisk has other useful utilities: file managers, a Windows registry editor, a Linux terminal emulator, and even a web browser for viewing Internet sites. Dr.Web LiveDisk supports networking and Internet access, including for updating the scanner’s virus databases with the help of another built-in utility — Dr.Web Updater. Thanks to its wide functionality, this free program is able not only to cure a computer but also to save user data by storing it to another medium or uploading it to the cloud.

Before starting to work with Dr.Web LiveDisk, you need to create a bootable medium. The program is supplied in the form of an ISO image for writing to an optical disk or an executable file for writing to a USB drive. Any of the versions can be downloaded from the official product page. Today, optical disks are no longer so common; it is much more convenient and practical to create a bootable "flash drive". Media with 1 GB of free space is enough for recording. The launch of the Dr.Web LiveDisk executable file will open the wizard for creating a bootable disk on the USB drive. In this case, the program itself will determine what media has connected and the amount of free space on it. Before creating a boot disk with Dr.Web, it is recommended to format the flash drive. This can be done using the program itself, but it should be remembered that formatting will delete all the existing data. After the boot disk with the program is created, you can use it to boot Dr.Web LiveDisk and restore your computer.

Of course, you need an operational computer to create a LiveDisk boot disk. Therefore, it is a good idea to create such a disk in advance and keep it at hand. Especially if you do not use a comprehensive anti-virus for resident system protection.

Dr.Web LiveDisk is loaded instead of the infected standard operating system. To launch the working environment, in the computer settings, you need to change the boot priority so that the computer first tries to boot from the USB drive, and not from the hard drive that has Windows installed on it. As a rule, this is done using the BIOS menu, which can be accessed at the computer’s initial booting stage. The sequence of steps to be followed to configure booting from a USB device is different for each specific PC, so we will not be able to describe all the possible options in this article. We recommend that you read the user manual for your device in order to make the correct configuration. If you skip this step, the computer will try to boot Windows, ignoring the boot from the "flash drive". If everything is configured correctly, you will see the Dr.Web LiveDisk boot menu during the boot process.

As already mentioned, Dr.Web LiveDisk is based on Linux. It has its own GUI with a desktop which is essentially a portable operating system that loads and runs independently of Windows. During initialisation, Dr.Web LiveDisk recognises the Windows system installed on the computer in order to be able to interact with its components. Let's talk about the main functions of the program and how it helps restore a device.

The most important component of the system is the Dr.Web CureIt! scanner. It is responsible for detecting and neutralising malware on a scanned computer and works exactly the same as in Windows. At the same time, its distinctive feature is its ability to update the CureIt! virus databases, using another built-in utility — Dr.Web Updater. Dr.Web LiveDisk supports network drivers and uses the network connection on your computer to automatically access the Internet. Before the first launch of Dr.Web CureIt!, we recommend that you update the virus databases.

Most often, if a device gets infected, scanning the system with the scanner is enough to return Windows to normal performance. There are also other useful utilities in Dr.Web LiveDisk's arsenal. One of them is the registry editor. This program automatically detects the Windows registry (or registries) installed on the computer, after which you can work with the registry keys and parameters in the same way as in Windows. It should be remembered that working with the registry requires certain knowledge and experience, so you should not modify its content without a full understanding of your actions. However, for experienced users, the registry editor is a great support that helps bring Windows back to life.

Finally, let's talk about how you can save your data using Dr.Web LiveDisk. For this, there are two file managers in the system. One of them works in graphical mode, almost like Windows Explorer, and the other in console mode. Both programs allow you to "walk" through directories in the same way as in Windows. The required data can be copied to removable media and saved. To do this, it is enough to connect another "flash drive" and move the required files to it.

Nothing prevents you from creating a backup—even in the cloud—if an Internet connection is configured in the Dr.Web LiveDisk environment. The system has a web browser with which you can visit sites and, for example, upload your data to a cloud service. This can be useful if there is no physical media at hand, and some files need to be transferred from the affected computer.

Thus, Dr.Web LiveDisk can do more than just cure an infected device. It can be used to save your data and even diagnose and restore the registry if the consequences of infection are too serious. This functionality can be stored on a small "flash drive" and be always at hand. To learn about all the program’s features, we recommend that you refer to the official user manual. In this article, we only briefly got acquainted with the main functions of the "administrator emergency aid kit" — Dr.Web LiveDisk.

We would like to finish with another reminder that it is much easier to prevent a problem than it is to eliminate its consequences. Dr.Web CureIt! and Dr.Web LiveDisk are very useful tools, but they cannot replace comprehensive anti-virus solutions. A reliable multi-layered protection system and regular backups are the best way to avoid malware and digital fraud issues.