If your computer is infected with malware, running an antivirus within Windows may not be enough to remove it. If your computer has a rootkit, the malware can hide from your antivirus software.
This is where bootable antivirus solutions come in. They can clean malware from outside the infected Windows system, so the malware won’t run or interfere with the cleanup process.
RELATED: Not All “Viruses” Are Viruses: 10 Malware Terms Explained
The problem with cleaning malware from within Windows
Standard antivirus software runs on Windows. If your computer is infected with malware, your antivirus software will have to fight the malware. The antivirus software will try to stop the malware and remove it, while the malware will try to defend itself and shut down the antivirus. For really nasty malware, your antivirus software may not be able to completely remove it from Windows.
RELATED: How to remove viruses and malware on your Windows PC
Rootkits, a type of malware that hides, can be even more complicated. A rootkit could load at boot time before other Windows components and prevent Windows from seeing it, hide its processes from task manager, and even trick antivirus applications into thinking the rootkit isn’t running.
The problem here is that malware and antivirus are running on the computer at the same time. Antivirus is trying to fight malware on its own turf: malware can put up a fight.
Why you should use an antivirus boot disk
Antivirus boot disks take care of this by approaching malware from outside of Windows. Boot your computer from a CD or USB drive containing the antivirus and load a specialized operating system (usually Linux-based) from the disk. Even if your Windows installation is completely infected with malware, the special operating system will not have any malware running inside of it.
This means that the antivirus program can work on the Windows installation from the outside. The malware will not run while the antivirus tries to remove it, so the antivirus can methodically locate and remove the harmful software without your interference.
Rootkits will not be able to configure the tricks they use at Windows boot time to hide from the rest of the operating system. The antivirus will be able to see the rootkits and remove them.
These tools are often called “rescue disks”. They are intended to be used when you need to rescue a hopelessly infected system.
Boot antivirus options
As with any type of antivirus software, you have quite a few options. Many antivirus companies offer bootable antivirus systems based on their antivirus software. These tools are generally free, even when they are offered by companies specializing in paid antivirus solutions. Here are some good options:
- avast! Rescue Disk – Avast! offers the possibility to create an antivirus boot disk or a USB drive. Simply go to the Tools -> Rescue Disk option in Avast! desktop application to create bootable media.
- TrendMicro Rescue Disk – TrendMicro consistently performs well in antivirus comparisons and offers a rescue utility that can be run from a regular disk or USB flash drive.
- Avira Rescue System: Another solid antivirus program, Avira also offers a rescue utility. You will need to use Rufus to create a bootable USB drive,
These are just a handful of options. If you prefer another antivirus for some reason, such as Comodo, Norton, Kaspersky, ESET, or just about any other antivirus product, you’ll probably find that it offers its own system rescue disk.
How to use an antivirus boot disk
Using an antivirus boot disk or USB drive is pretty simple. You just need to find the antivirus boot disk you want to use and burn it to a disc or install it to a USB drive. You can do this part on any computer, so you can create antivirus bootable media on a clean computer and then take it to an infected computer.
Insert the bootable media into the infected computer and then reboot. The computer should boot from the removable media and load the secure antivirus environment. (If not, you may need to change the boot order in your BIOS or UEFI firmware.) You can then follow the instructions on your screen to scan your Windows system for malware and remove it. No malware will be running in the background while you do this.
Antivirus boot disks are useful because they allow you to detect and clean malware infections from outside of an infected operating system. If the operating system is severely infected, it may not be possible to remove, or even detect, all the malware it contains.