One of the computer threats is viruses. To eliminate them, you need antivirus software installed on the computer, or… virus removal tools (portable apps), or an antivirus bootable rescue disk (.ISO) that can run independently of the operating system.
1. Any Microsoft Windows comes with Windows Security preinstalled. Go to the search bar (Press Windows logo key + S), type “Windows Security” in the box, and hit Enter to open it or select from Protection areas: “Virus & threats protection”;
To run a Full scan, under Current threats select Scan options. This option will “Check all files and running programs on your hard disk. This scan could take longer than one hour.” Any results can be found in Protection history or you can access the log files from C:\ProgramData\Microsoft\Windows Defender\Support. If the Program Data folder is not found, then go to Control Panel\All Control Panel Items> File Explorer Options> View> and select under Hidden files and folders> “Show hidden files, folders, and drives“;
In Windows 11, from File Explorer, select View > Show > Hidden items.
2. Windows Malicious Software Removal Tool (monthly updated) can be downloaded from KB890830 and can be used as a portable app to remove malicious software from an infected computer.
3. Malwarebytes Anti-Rootkit BETA, can be downloaded from https://downloads.malwarebytes.com/file/mbar/, and he can remove rootkits. Also can be used as a portable app, but to update to the latest database you need an Internet connection for daily updates. Once updated you can copy the “mbar” folder to a USB stick and can scan another system;
4. Norton Power Eraser is an aggressive virus removal tool. For instructions on using Norton Power Eraser, see the tutorial. Norton Bootable Recovery Tool‘s ISO image can be downloaded and used to create a bootable device and scan a potentially infected system.
5. ESET’s Free Online Scanner can be downloaded from the ONE-TIME SCAN button. Once you “choose a scan type” and after the “System is downloading module update…” will have another portable app that can scan a potentially infected system.
COPY from %USERPROFILE%\AppData\Local\ the all ESET folder to another system for the specific USERPROFILE and you can run a scan there with an updated module.
ESET SysRescue Live can be downloaded for free and used for a bootable device. This tool also can run independently of the operating system.
6. Avira Rescue System bootable tool based on Ubuntu Desktop;
7. Antivirus Live CD bootable tool which includes ClamAV scanner. Once the system booted with this tool the Linux terminal will open:
***KEYBOARD LAYOUT***
AntivirusLiveCD uses English (US) by default.
Do you wish to change this (y/n)?: n
***BOOT PASSWORD***
There is no password for root.
Do you wish to setup it now (y/n)?: y
Changing password for root
New password:
Retype your password:
***LOCAL TIME***
Do you live in Europe (y/n)?: y
Your location: not set (UTC)
Your local time: 06:46
Execute ‘tzselect’ in terminal to change these settings.
Press Enter to continue.
Log in as root and execute the ‘helpme’ command.
AntivirusLiveCD login: root
root@AntivirusLiveCD:~# tzselect
Please identify a location so that time zone rules can be set correctly.
Please select a continent, “coord”, or “TZ”.
7) Europe
#?7
37) Romania
#?37
Is the above information OK?
#?1
root@AntivirusLiveCD:~# helpme
The most important command is ‘antivir‘ which starts the following two tasks:
- update of virus signature database,
- scanning of all files with Clam AntiVirus.
root@AntivirusLiveCD:~# antivir
What would you like to do now?
- Scan your computer against viruses.
- Update virus signature databases.
- Update your ClamAV software.
- Quit.
- Your choice (1,2,3,4)?:
root@AntivirusLiveCD:~# bonus
Welcome to Bonus Pack! Set of office applications: mcedit (text editor), nano (text editor), mc (file manager). Set of media applications: zgv (image viewer), timidity (midi and mod player), mplayer (audio and video player). Set of classic games: cgames (10 console games), doom (video game), quake (video game).
8. Comodo Rescue Disk bootable tool: OVERVIEW, FEATURES, FAQ.
9. If none of the threats can be found and your system receives “a notification” regarding ransomware, please use the specific Decryption Tools to unlock your files without paying your attackers. Source: https://www.nomoreransom.org/en/about-the-project.html