When the operating system will not boot and when the operating system will boot. The best free malware scanners, offline and online, plus the best free bootable rescue solutions.
Recent Malware History
The incidence of malware infections on home computers has slowed quite dramatically over the past couple of years. I believe there are two main reasons for this:
- Improved detection and prevention by antivirus products due to heuristic (rule-based) detection now commonplace and much improved
- The cost to reward ratio now making producing new strains of malware unprofitable
The game of cat and mouse between malware developers and antivirus developers has been going on for years with malware developers continually producing new strains and antivirus developers always playing catch up. However, with relatively recent enhancements to antivirus products, including a much-improved heuristics component, these products are now more proactive rather than reactive which has seen antivirus developers get on top of the situation.
This has led to a rethink by malware purveyors who are now looking to more cost-effective measures to deliver their malicious load. Rather than trying to outsmart antivirus software, malware distributors are now relying more on tricking users into infecting their own machines and/or voluntarily disclosing sensitive financial details. This is achieved per medium of:
- Phishing emails impersonating legitimate institutions in the hopes of eliciting financial details.
- Embedding malicious links in emails
- Sending email with malicious attachments
If you think about it, it costs next to nothing to send out thousands, even millions of emails and, if even only (say) 5% of those emails elicit a response, it can potentially produce big bucks for the cybercriminals at a minimal cost. Regardless, there are still times when malware infections need to be dealt with and thankfully, there are plenty of options to help.
Clean Up Malware When The System Will Boot
There are two options here. If the system will still boot up and you have access to run applications unimpeded, then either local or online solutions are the way to go. NOTE: If malware is preventing local solutions from working properly, try running in Safe Mode.
These include any installed second-opinion scanners, such as Malwarebytes Free, or any portable second-opinion scanners. Most portable second-opinion scanners do not update their definition databases automatically and you need to download the latest full copy each time of use. That said, there is a very good free and portable second-opinion scanner that does update its definitions automatically from within the program– Emsisoft Emergency Kit Scanner.
Emsisoft Emergency Kit Scanner (EEK) is a big download (around 334 MB) but that is somewhat mitigated by the need to only download once for ongoing use. EEK is easy to use and will scan for and remove all prevalent forms of malware including rootkits and even PUPs. The only negative is that it doesn’t include any cloud-based scanning which means it is not as effective against zero-day (or new strains of) malware.
Another free and portable scanner is Norton Power Eraser, which relies solely on cloud-based implementation. Now, I know many users are not fans of Norton products but the fact is that Norton is a leader in the security industry and detection rates are undoubtedly top-notch. Norton Power Eraser doesn’t rely on definitions at all and utilizes Norton’s file reputation system to detect malware and PUPs.
NOTE: Norton Power Eraser is very aggressive and prone to false positives so make sure to check through the list of flagged items prior to removal. That said, Norton Power Eraser does include options to create a system restore point and undo previous fixes. When used in conjunction, EEK and Norton Power Eraser should ensure a successful malware clean up.
NOTE 2: Panda Cloud Cleaner – Anyone looking for an installable alternative to Malwarebytes Free might be interested in checking out Panda Cloud Cleaner. Panda Cloud Antivirus has always scored very highly for detection rates in lab tests and Panda Cloud Cleaner utilizes the same cloud database to identify and remove existing malware. Panda Cloud Cleaner is pretty basic but because it utilizes always up-to-date cloud-based scanning it never requires updating and is superior at detecting newer malware strains.
Again, provided the operating system boots up, quite a few security companies provide an online malware scanning facility, possibly the most well known of which is Trend Micro House Call. The obvious advantage of utilizing these services is that there is nothing to download and they are always up-to-date. Most are quite simple to use and can be very effective at cleaning up malware infections. Of course, the machine in question will require a working internet connection. In no particular order, here are links to several of the most reputable of these types of services:
Clean Up Malware When The System Will Not Boot
When a machine is so heavily infected that the operating system won’t boot you’ll need to rely on a bootable solution of which, thankfully, there are quite a few to choose from. These solutions are generally known as ”rescue discs” or ”bootable antivirus discs” and most often involve downloading an ISO file which then needs to either be burned to CD/DVD or used to create a bootable flash drive. You would then boot from the bootable media which, when loaded, you can use to scan the system and remove any identified malware. In no particular order:
- Kaspersky Free Rescue Disc – Professional product. Full graphical interface. Configurable scans. Scans for a wide range of malware (591 MB)
- ESET SysRescue Live – Excellent graphical interface. Highly configurable scans. Loads of advanced extras (677 MB)
- Comodo Rescue Disc – Graphical interface. Comparatively small download. Good variety of scan types. Includes heuristics scanning option (50.6 MB)
Once an operating system has become so badly infected that it will no longer boot it is difficult to guarantee getting back to a malware-free status. Plus, even though malware has been removed it may still leave behind damaged system files. If a bootable rescue disc manages to get your operating system up and running again I suggest you take the following further steps:
- Scan the system again with either installed or portable second-opinion malware scanners, then scan again with one of the online scanners.
- Run the System File Checker– open an elevated command prompt, type in sfc /scannow and then hit Enter. If file corruptions are found but not fixed, run the scanner several times. If still not fixed, please read: SFC Fails To Fix Errors – What Now?
With these types of severe infections, it is often safer to start over again with a fresh Windows installation.
- Learning Computers: Phishing
- 6 Security Tips For Today’s Dangerous Internet
- How To Use An Avast Bootable USB