Are you at a point where even the antivirus software has failed to protect your system?
If a Windows system is badly infected with malware, running an antivirus from inside Windows often won’t help.
Malware can hide itself on an infected system, avoiding detection. Other malware may attempt to battle the antivirus software, preventing it from properly installing or scanning. This is why it’s important to catch malware before it infects you. In this scenario you would usually have no choice other than to purge your system clean (not literally) and install a fresh copy of the OS. Well, not anymore: today I will show you the possible ways you can follow to save your computer.
1. Use an Antivirus Boot Disc/Rescue Disc
Antivirus companies often create boot discs you can use to scan and repair your computer. These tools can be burned to a CD or DVD or installed onto a USB drive. You can then restart your computer and boot from the removable media. A special antivirus environment will load where your computer can be scanned and repaired.
This is all happening outside of Windows — some of these discs are even based on Linux — so the malware won’t be running while this happens. This allows the antivirus to detect rootkits and other normally hidden types of malware, as well as remove malware that would normally try to defend itself.
2. Boot Into Safe Mode
In Safe Mode, Windows won’t load third-party startup programs or hardware drivers. If malware is running when you boot into Windows normally, it shouldn’t automatically run when you boot into Safe Mode. Even so, Safe Mode isn’t completely outside of Windows, so it may not help you if malware has deeply infected your system files.
From this minimal environment, you can install an antivirus program, scan for malware, and remove it. If you already have an antivirus program installed and it’s failing to remove malware — or the malware is returning after it’s removed — you may have to boot into Safe Mode to remove the malware properly.
- To enter Safe Mode on Windows 7 or earlier, restart your computer and repeatedly tap F8 at the start of the boot-up process. Select Safe Mode or Safe Mode with Networking in the menu that appears. Normal Safe Mode offers no Internet access so you’ll have to install an antivirus from a USB drive or other removable media, while Safe Mode with Networking offers Internet access so you can download and update an antivirus from within Safe Mode. Log into your computer, download and install the antivirus software, and run it.
- On Windows 8 or later, press Windows Key + I to open the Settings charm pane. Press and hold the Shift key as you click the Restart option under the power button. Your computer will restart into a special boot options menu. Click Troubleshoot > Advanced Options > Startup Settings > Restart. On the Startup Settings screen, press F4 or 4 to enter Safe Mode or press F5 or 5 to enter Safe Mode with Networking.
Restart your computer when you’re done to leave Safe Mode.
3. Get a LiveCD or Live USB
LiveCDs and USBs are a wonderful thing in the Linux world because they let you boot a machine directly from the CD or USB stick without ever having to access the computer’s boot records. Not only are they a great way to take Linux for a test-drive, but they can also be put to work when Windows can’t.
By far the fastest way to get a LiveCD or USB is to download the .iso file of the Linux distribution you’d like to use and then burn it onto a CD or USB stick.
Ubuntu is the most popular Linux operating system and can be downloaded from the project’s Website for use on a LiveCD or USB. UNetbootin is another nice option if you want to go the USB route, which tends to run much faster.
Once you’re equipped with a Linux LiveCD or USB, you’ll need to make sure the infected computer is turned off, and then turn it on again with the CD or USB installed. This will boot the computer into Linux, completely bypassing Windows and its infection.
- Next it’s time to get the Linux-based ammunition you’ll need to wipe out the malware: antivirus software. I’m going to use ClamAV, my favorite, via ClamTK, which provides a nice graphical front end.
From the main Ubuntu desktop, then, go to “Applications” and then “Ubuntu Software Center.” Choose “Edit” and then “Software Sources.” You’ll be presented with a box entitled, “Downloadable from the Internet,” and you should be sure all four boxes are checked before you click on “Close.”
Next, from the main Ubuntu Software Center page, click on the “Accessories” icon and type ClamTK into the search box. It will be shown as “Virus Scanner,” but if you click on “More Info” you can verify it’s the right package. Click “Install” and wait for it to download.
Once installation is finished, you should launch ClamTK by going to “Applications” in Ubuntu’s main menu, then “Accessories” and “Virus Scanner,” which is how the software will still be shown.
- When the ClamTK window opens, click on the “Scan” tab and select the option for a Recursive Scan. Next, you’ll need to tell the software which drive you want to check for viruses, which in this case is the one that includes Windows. Scanning may take some time, but once the infection is found you’ll get the usual options for what to do with it, including quarantine and removal.
- Assuming the infection has now been removed, your computer should be clean once again, making it safe to remove the LiveCD or USB and boot back into Windows as usual. As you enjoy your malware-free machine once again, remember that it’s all thanks to Linux. It’s also not a bad idea to keep your LiveCD or USB handy so you’ll be ready for the next time.
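The same recursive scan can also be run from a terminal in the live session with ClamAV's command-line scanner. This is an added example, not part of the original article; the device name `/dev/sda2`, the mount point, the log path and the helper function names are assumptions, and the sample log is constructed.

```sh
#!/bin/sh
# Added example: command-line form of the recursive ClamAV scan, run from
# the Linux live session. Device, mount point and log path are assumptions.

# Mount the Windows partition read-only and scan it recursively.
#   $1 = Windows partition (assumed, e.g. /dev/sda2; check with `lsblk -f`)
#   $2 = mount point   $3 = log file
scan_windows_volume() {
    sudo mkdir -p "$2" || return 2
    # Read-only mount: the scan itself changes nothing on the infected disk.
    sudo mount -o ro "$1" "$2" || return 2
    sudo freshclam    # refresh signatures; needs network access
    # -r recurses, -i reports only infected files, --log keeps a record.
    sudo clamscan -r -i --log="$3" "$2"
    scan_status=$?
    sudo umount "$2"
    return "$scan_status"    # clamscan: 0 = clean, 1 = detection, 2 = error
}

# Print "path<TAB>signature" for every detection in a clamscan log
# (file given as $1, or standard input when no file is given).
list_detections() {
    tab=$(printf '\t')
    sed -n 's/^\(.*\): \(.*\) FOUND$/\1'"$tab"'\2/p' "${1:-/dev/stdin}"
}

# Constructed sample of clamscan log output, for trying the parser offline.
sample_clamscan_log() {
    cat <<'EOF'
/mnt/windows/Users/alice/AppData/Roaming/updater.exe: Example.Signature-1 FOUND
/mnt/windows/Program Files/Tool/helper.dll: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Scanned files: 48211
Infected files: 2
EOF
}

# Typical use from the live session (not executed here):
#   scan_windows_volume /dev/sda2 /mnt/windows /tmp/clamscan.log
#   list_detections /tmp/clamscan.log
```

Because the volume is mounted read-only, this scan only reports. Quarantine or removal (clamscan's `--move=DIR` or `--remove`) requires remounting the volume read-write first.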
Of course, if your computer does become infected with malware, there’s no way to be completely sure all the malware is gone. For this reason, it’s often a good idea to reinstall Windows — or use the Refresh or Reset features on Windows 8 — after a computer becomes badly infected. You’ll get a clean system with no malware so you’ll know for sure your computer is safe. You also won’t have to waste any time attempting to find and remove malware. If you have backups of your important files, this process often won’t take too long.