USB flash drive into USB port on laptop header image.
Nomad_Soul/Shutterstock.com

If your computer is infected with malware, running an antivirus within Windows may not be enough to remove it. If your computer has a rootkit, the malware may be able to hide itself from your antivirus software.

This is where bootable antivirus solutions come in. They can clean malware from outside the infected Windows system, so the malware won’t be running and interfering with the clean-up process.

RELATED: Not All "Viruses" Are Viruses: 10 Malware Terms Explained

The Problem With Cleaning Up Malware From Within Windows

Standard antivirus software runs within Windows. If your computer is infected with malware, the antivirus software will have to do battle with the malware. Antivirus software will try to stop the malware and remove it, while the malware will attempt to defend itself and shut down the antivirus. For really nasty malware, your antivirus software may not be able to fully remove it from within Windows.

RELATED: How to Remove Viruses and Malware on Your Windows PC

Rootkits, a type of malware that hides itself, can be even trickier. A rootkit could load at boot time before other Windows components and prevent Windows from seeing it, hide its processes from the task manager, and even trick antivirus applications into believing that the rootkit isn’t running.

The problem here is that the malware and antivirus are both running on the computer at the same time. The antivirus is attempting to fight the malware on its home turf — the malware can put up a fight.

Why You Should Use an Antivirus Boot Disc

Antivirus boot discs deal with this by approaching the malware from outside Windows. Boot your computer from a CD or USB drive containing the antivirus and it loads a specialized operating system (usually built on Linux) from the disc. Even if your Windows installation is completely infected with malware, the special operating system won’t have any malware running within it.

This means the antivirus program can work on the Windows installation from outside. The malware won’t be running while the antivirus tries to remove it, so the antivirus can methodically locate and remove the harmful software without it interfering.

Any rootkits won’t be able to set up the tricks they use at Windows boot time to hide themselves from the rest of the operating system. The antivirus will be able to see the rootkits and remove them.

These tools are often referred to as “rescue disks.” They’re meant to be used when you need to rescue a hopelessly infected system.

Avast Rescue Disc Creation Menu

Bootable Antivirus Options

As with any type of antivirus software, you have quite a few options. Many antivirus companies offer bootable antivirus systems based on their antivirus software. These tools are generally free, even when they’re offered by companies that specialized in paid antivirus solutions. Here are a few good options:

  • Avast! Rescue Disk – Avast! offers the ability to create an antivirus boot disc or USB drive. Just navigate to the Tools -> Rescue Disk option in the Avast! desktop application to create bootable media.
  • TrendMicro Rescue Disk – TrendMicro consistently performs well in Antivirus comparisons, and they offer a rescue utility that can be run from a regular disc or a USB flash drive,
  • Avira Rescue System – Avira, another solid antivirus program, also offers a rescue utility. You’ll need to use Rufus in order to create a bootable USB drive,

These are just a handful of options. If you prefer another antivirus for some reason — like Comodo, Norton, Kaspersky, ESET, or almost any other antivirus product — you’ll probably find that it offers its own system rescue disk.

Avast Rescue Disc scan settings.

How to Use an Antivirus Boot Disc

Using an antivirus boot disc or USB drive is actually pretty simple. You’ll just need to find the antivirus boot disc you want to use and burn it to disc or install it on a USB drive. You can do this part on any computer, so you can create antivirus boot media on a clean computer and then take it to an infected computer.

Insert the boot media into the infected computer and then reboot. The computer should boot from the removable media and load the secure antivirus environment. (If it doesn’t, you may need to change the boot order in your BIOS or UEFI firmware.) You can then follow the instructions on your screen to scan your Windows system for malware and remove it. No malware will be running in the background while you do this.

Avast rescue disc scan running,

Antivirus boot discs are useful because they allow you to detect and clean malware infections from outside an infected operating system. If the operating system is severely infected, it may not be possible to remove — or even detect — all the malware from within it.

READ NEXT
Profile Photo for Chris Hoffman Chris Hoffman
Chris Hoffman is Editor-in-Chief of How-To Geek. He's written about technology for over a decade and was a PCWorld columnist for two years. Chris has written for The New York Times and Reader's Digest, been interviewed as a technology expert on TV stations like Miami's NBC 6, and had his work covered by news outlets like the BBC. Since 2011, Chris has written over 2,000 articles that have been read more than one billion times---and that's just here at How-To Geek.
Read Full Bio »
Profile Photo for Nick Lewis Nick Lewis
Nick Lewis is a staff writer for How-To Geek. He has been using computers for 20 years --- tinkering with everything from the UI to the Windows registry to device firmware. Before How-To Geek, he used Python and C++ as a freelance programmer. In college, Nick made extensive use of Fortran while pursuing a physics degree.
Read Full Bio »