How to Really Kill Computer Viruses
How do you know if your computer has a virus? Is it connected to the Internet? Then it has a virus. Many computer viruses and other malicious applications are very resilient and will actively resist any attempts to deactivate and remove them. Some viruses can even delete your antivirus application or prevent it from working properly. Many viruses cannot be effectively removed once they are loaded in memory and active.
The solution is to scan the hard drive without starting Windows. There are the so-called “Rescue CDs” provided by antivirus software makers or third-party developers for free. These are ISO images containing the antivirus software and usually a Linux operating system. The ISO can be burned to a CD or written to a bootable USB stick.
When you boot from this “Rescue CD”, your computer does not run any files from your Windows system disk and so any viruses it contains remain inactive and vulnerable. This makes the antivirus application’s job much easier. The resulting clean-up operation is far more thorough than anything that can be accomplished from within Windows.
Antivirus applications are not created equal. Some are better at dealing with certain viruses than others. This is why it may be necessary to use several different “Rescue CDs” to achieve the desired result.
BitDefender rescue disk is a relatively small (260-Mb) ISO image that contains Knoppix Linux OS and the BitDefender virus scanner and rootkit checker. This rescue disk is very easy to use. All you need to do is to burn the ISO to CD or write it to USB stick and boot from it.
The Trinity Rescue Kit (TRK) contains the BitDefender virus scanner, as well as several other antivirus applications and many different tools for analyzing and repairing your computer. This bundle is a bit more advanced and using it effectively requires some thinking on your part. The TRK is great when it works, but it has been known to have a few bugs now and then, like not being able to find… itself after booting. It is probably a better idea to use TRK from a CD and not a USB stick.
You can download the ISO and prepare the USB stick at any time. Running the virus scanner is best done overnight. The process may take several hours and you will not be able to use your computer during that time. When downloading the particular rescue disk, make sure to select the most recent available ISO image. And so here are the steps:
Download a virus scanner ISO file from any of the sources below:
Trinity Rescue Kit
If any of the links don’t work, just use the domain name to get to the developer’s site and look for a download link for a rescue CD image (*.iso file). I recommend you try the BitDefender image.
- Download UNetbootin for Windows: http://unetbootin.sourceforge.net/
- Make sure you have a USB stick without any data on it and with sufficient capacity to accommodate the ISO image you downloaded. For most ISO images, a 512-Mb USB stick should be sufficient.
- Confirm that your computer is capable of booting from USB. You will need to reboot your PC, go into BIOS and look at the boot device priority. The preferred sequence should be: a) USB or floppy, b) CD/DVD, c) Hard Drive, but USB can come after CD/DVD.
- Insert the USB stick into your computer. In the Windows Explorer, right-click on the USB drive letter and select “Format”. You can use quick format with FAT32 filesystem type. This is just to wipe the device clean.
- Start UNetbootin, select the ISO you downloaded and choose the destination USB drive. After UNetbootin is done writing the ISO to the USB stick, it will prompt you to reboot your PC.
- Disconnect any USB, eSATA, or Firewire storage devices (except for the USB stick you just configured, of course) that you don’t want to scan for viruses. It is usually not necessary to scan external hard drives as most viruses and other malware prefer to reside on the system disk.
- Make sure you remove any CDs or DVDs from the drives.
- If you are using a laptop and have an external monitor hooked up or if you are using a docking station, there are two things you need to do: a) disconnect external monitor and use laptop’s screen instead; b) undock your laptop but leave it connected to the power adapter. The virus scan make take a few hours and the battery will not last that long.
- When your computer starts up, go into BIOS and check boot device order if you haven’t done so already. You need to make sure that USB drives boot before hard drives.
- The rest of the process depends on the particular antivirus scanner you are using. With BitDefender, for example, there is nothing else you need to do: just boot your PC from the US stick, a Linux OS will load and BitDefender will automatically start scanning your computer’s hard drive(s). If you wish to download latest updates and your network does not have DHCP (it probably does), you will need to provide network information such as your computer’s IP, default gateway and DNS server IP.
Once the scan completes, review the results. You should save or write down the list of all infected files found on your system. Any infections that could not be repaired, can be deleted at your discretion.
Unplug the USB stick and reboot your PC normally.