大多数病毒都很容易摆脱。只需(Just)打开防病毒扫描程序,等待它收集结果,然后删除它找到的任何内容。但有时,病毒只是不会消失,而且似乎没有常规的防病毒解决方案有帮助。(regular antivirus solution)
那么,您将如何处理讨厌的、难以删除的病毒呢?在防病毒软件的范围内是一整类在操作系统启动之前进行扫描的工具。(before)通常(Often)称为可启动的防病毒程序,它们甚至在有机会打开之前扫描文件并删除病毒。
以下是在操作系统启动之前删除病毒的最佳方法。(best ways to remove viruses)如果您不熟悉此过程,我们将介绍所有步骤,包括如何下载扫描仪以及下一步如何让它在启动时运行而不是在您的操作系统上运行。
提示(Tip):如果您经常感染病毒,请了解您应该如何保护您的计算机免受黑客和恶意软件的侵害(protecting your computer from hackers and malware)。
可启动防病毒软件的工作原理(How a Bootable Antivirus Works)
有两种类型的可启动防病毒软件。一个是自包含程序,您必须将其安装在USB设备或光盘上,然后在计算机启动时从它启动。发生的情况是该设备或光盘上的软件而不是您的操作系统启动,然后您可以运行扫描并从那里删除病毒。
另一种安装在您的计算机上,其功能类似于普通的防病毒解决方案,但在其中还可以选择运行启动时扫描。只需(Just)重新启动计算机并让扫描运行。对于大多数人来说,这是一种更简单的方法,但如果病毒的危害如此之大,以至于无法让您正确启动操作系统,则该方法将不起作用。
根据您的具体情况,您将希望使用一种方法而不是另一种方法,因此我们将介绍如何使用这两种方法。
使用光盘或 USB 设备(Use a Disc Or USB Device)
第一种可启动防病毒程序是一个 ISO 文件(an ISO file),您可以将其下载到计算机上,然后放在单独的设备上,以便您可以从中启动。
这种类型有很多选项,包括Trend Micro Rescue Disk、Comodo Rescue Disk、Anvi Rescue Disk、Kaspersky Rescue Disk和Windows Defender Offline。其中一些程序需要光盘,而其他程序可以与闪存驱动器一起使用。
我们将使用Adaware 的 Rescue USB 程序(Adaware’s Rescue USB program)作为示例,因为它适用于Windows 7和更新的Windows操作系统,可以在扫描之前更新其定义,并支持自定义扫描。
- 访问上面的链接以下载ISO文件。如果您有 64 位计算机,请选择amd64版本,否则为 32 位使用x86 。该软件的大小超过 1 GB,因此下载可能需要一段时间。如果时间是一个问题,上面列出的其他一些可引导的 AV 程序要小得多。
- 还下载Rufus,我们将使用该程序将软件放在闪存驱动器上。如果您不想安装它,下载页面上有一个便携式版本。(portable version)
注意(Note):此软件也可以从光盘启动,因此如果您愿意这样做,可以使用ImgBurn将程序刻录到 CD,然后跳到下面的BIOS步骤。
- 将USB设备插入计算机。确保您可以将整个驱动器擦干净。如果不是,请暂时将内容复制到其他地方。
- 打开Rufus并从第一个下拉菜单中选择该设备。
- 选择SELECT然后打开您刚刚下载的ISO文件。(ISO)
- 如果需要,编辑其他选项。
- 按开始(START)。
- 在格式警告上选择确定(OK)以开始将可启动防病毒工具复制到驱动器。
- 该过程完成后退出Rufus 。
- 重新启动计算机并访问 BIOS(access BIOS)。按照该链接了解如何更改启动顺序,以便您可以启动到USB设备而不是操作系统。
- 在 Adaware Live CD 提示符上选择确定。(OK)
- 选择更新定义(UPDATE DEFINITIONS)以确保您拥有发现威胁所需的最新技术。
- 选择扫描类型。Adaware Live CD 支持引导扇区扫描、快速扫描、完整扫描和自定义扫描。如果您知道要检查病毒的文件夹,请使用自定义扫描选项。否则(Otherwise),建议进行全面扫描,以确保无论恶意软件隐藏在何处都能找到。
使用带有可启动选项的普通防病毒软件(Use Normal Antivirus With a Bootable Option)
如果上述过程需要太长时间或太复杂,或者您没有磁盘驱动器或空闲闪存驱动器,您还有其他选择。
一些正常的、可安装的防病毒程序具有在计算机重新启动时运行扫描和删除病毒的选项。它们的工作方式与上述可启动的 AV 工具大致相同,但更易于使用并自动执行所有扫描和删除。
一些具有启动时扫描功能的免费防病毒软件包括Avast Free Antivirus、Adaware Antivirus和AVG AntiVirus Free。所有这些程序的工作方式都略有不同。Avast和AVG要求您专门打开此功能,而Adaware将自动运行启动时病毒扫描。
让我们看看如何在操作系统启动前使用 Avast 的免费扫描程序来清除病毒:
- 通过上面的链接下载(Download)程序,然后安装。注意您在安装过程中可能看到的任何额外优惠,例如安装不相关的程序。执行病毒清除功能真正需要的是Avast。
- 从左侧面板中选择保护。(Protection)
- 选择病毒扫描(Virus Scans)。
- 在Boot-Time Scan部分中选择OPEN NOW 。
- 选择右上角的设置/齿轮图标以打开 Avast 的启动时扫描设置。
- 根据需要修改(Modify)任何设置。正如您在此屏幕截图中看到的那样,您可以调整扫描仪的灵敏度,扫描可能不需要的程序,打开存档以扫描其中的文件,扫描插入计算机的所有硬盘驱动器或仅扫描系统驱动器,并检查通常随操作系统自动启动的程序中的病毒。
您还可以选择发现威胁时发生的情况:Avast 可以尝试在不删除文件的情况下修复它,或者您可以选择将文件移动到隔离区域或直接删除。
- 按(Press)设置左上角的退出按钮返回启动时扫描屏幕。
- 选择RUN ON NEXT PC REBOOT。此屏幕上还有一个安装专用定义(Install specialized definitions)链接,您可以单击该链接下载更多定义,这些定义应该有助于在启动过程中发现病毒。
- 下次重新启动计算机时,A vast(Avast)将在操作系统启动之前扫描病毒,并以您在设置中指定的任何方式处理威胁。请注意,只有在下次(next)重新启动时才会扫描病毒;要让它在另一次重新启动期间再次运行启动时扫描,只需重复这些步骤。
这就是Avast(Avast)启动时病毒扫描期间的样子。根据需要检查的文件数量,可能需要几个小时才能完成。
请特别注意报告文件(Report file)行中提到的TXT文件。(TXT)对于每台计算机,这应该是相同的;在操作系统开始查看Avast Free Antivirus发现和删除的内容后,您可以去那里。
您可以随时按Esc键停止此扫描。它会简要告诉您扫描了多少文件以及是否发现任何感染,然后您的计算机将正常重新启动进入操作系统。
How To Remove Viruses Before Your Operating System Starts
Most viruses are fairly easy to get rid of. Just open an antivirus scanner, wait for it to gather results, and then delete whatever it finds. Sometimes though, thе virus just won’t go away and no regular antivirus solution seems to help.
So, what are you to do with pesky, hard-to-delete viruses? Within the scope of antivirus software is an entire category of tools that do the scanning before the operating system starts. Often called bootable antivirus programs, they scan files and remove viruses before they even have a chance to open.
Below are the best ways to remove viruses before the operating system starts. If you’re not familiar with this process, we’ll go over all the steps, including how to download the scanner and what to do next to have it run at startup instead of your operating system.
Tip: If you get viruses often, learn how you should be protecting your computer from hackers and malware.
How a Bootable Antivirus Works
There are two types of bootable antivirus software. One is a self-contained program that you have to install on a USB device or disc and then boot from it when your computer starts up. What happens is that the software on that device or disc is started instead of your operating system, and then you can run the scan and remove viruses from there.
The other kind is installed to your computer and functions like a normal antivirus solution, but within it is an option to also run boot-time scans. Just restart the computer and let the scan run its course. This is the easier method for most people, but it won’t work if the virus is so harmful that it’s not letting you start the operating system properly.
You’ll want to use one method over the other depending on your specific situation, so we’ll go over how to use both.
Use a Disc Or USB Device
The first type of bootable antivirus program is an ISO file that you download to your computer and then put on a separate device so that you can boot from it.
There are lots of options for this type, including Trend Micro Rescue Disk, Comodo Rescue Disk, Anvi Rescue Disk, Kaspersky Rescue Disk, and Windows Defender Offline. Some of these programs require a disc and others can be used with a flash drive.
We’ll use Adaware’s Rescue USB program as an example since it works with Windows 7 and newer Windows operating systems, can update its definitions before the scan, and supports custom scans.
- Visit the link above to download the ISO file. Pick the amd64 version if you have a 64-bit computer, otherwise use x86 for 32-bit. This software is over 1 GB in size, so it could take a while to download. Some of the other bootable AV programs listed above are much smaller if time is an issue.
- Also download Rufus, the program we’ll use to put the software on a flash drive. There’s a portable version on the download page if you’d rather not install it.
Note: This software can also be booted from a disc, so if you’d rather do that, you can burn the program to a CD with ImgBurn and then skip down to the BIOS step below.
- Plug your USB device into the computer. Make sure you’re okay with having the whole drive wiped clean. If you’re not, copy the contents elsewhere for the time being.
- Open Rufus and select that device from the first drop-down menu.
- Choose SELECT and then open the ISO file you just downloaded.
- Edit the other options if needed.
- Press START.
- Select OK on the format warning to start copying the bootable antivirus tool to the drive.
- Exit Rufus when the process completes.
- Restart your computer and access BIOS. Follow that link to learn how to change the startup order so that you can boot to the USB device instead of the OS.
- Select OK on the Adaware Live CD prompt.
- Select UPDATE DEFINITIONS to ensure that you have the latest techniques necessary to find threats.
- Choose a scan type. The Adaware Live CD supports boot sector scans, quick scans, full scans, and custom scans. If you know which folders you want to check for viruses, use the custom scan option. Otherwise, a full scan is recommended to ensure that malware is found no matter where it’s hiding.
Use Normal Antivirus With a Bootable Option
If the procedure above will take too long or is too complicated, or you don’t have a disc drive or free flash drive, you still have another option.
Some normal, installable antivirus programs have an option to run a scan and remove viruses when the computer reboots. They work in much the same way as the bootable AV tools mentioned above, but are far easier to use and do all the scanning and deleting automatically.
Some free antivirus with boot-time scanning capabilities include Avast Free Antivirus, Adaware Antivirus, and AVG AntiVirus Free. All of these programs work a bit differently; Avast and AVG require you to specifically turn this feature on, while Adaware will run a boot-time virus scan automatically.
Let’s look at how to use Avast’s free scanner to remove viruses before the operating system starts:
- Download the program through the link above, and then install it. Watch out for any extra offers you might see during setup, like to install unrelated programs. All you really need to perform virus-cleaning functions is Avast.
- Select Protection from the left panel.
- Choose Virus Scans.
- Select OPEN NOW in the Boot-Time Scan section.
- Select the settings/gear icon at the top right to open Avast’s boot-time scan settings.
- Modify any settings as you wish. As you can see in this screenshot, you can adjust the sensitivity of the scanner, scan for potentially unwanted programs, open archives to scan inside of those, scan all the hard drives plugged in to your computer or just the system drive, and check for viruses in the programs that normally auto-start with the operating system.
You can also choose what happens when a threat is found: Avast can try fixing it without deleting the file or you can choose to have the file moved into a quarantined area or simply removed.
- Press the exit button on the top left of the settings to return to the boot-time scan screen.
- Select RUN ON NEXT PC REBOOT. Also on this screen is an Install specialized definitions link that you can click to download more definitions that are supposed to help find viruses during the bootup process.
- The next time you restart your computer, Avast will scan for viruses before the operating system starts and will deal with the threats in whatever way you specified in the settings. Take note that only on the next reboot will it scan for viruses; to have it run a boot-time scan again during another reboot, just repeat these steps.
This is what it looks like during an Avast boot-time virus scan. It could take a few hours to complete depending on how many files it has to check.
Take special note of the TXT file mentioned in the Report file line. This should be the same for every computer; it’s where you can go after the OS starts to see what Avast Free Antivirus found and removed.
You can stop this scan at any time by pressing the Esc key. It will briefly tell you how many files were scanned and if any infections were found, and then your computer will reboot normally into the operating system.
