Windoze

Virus Scan at Boot Time

What is this about?

This is about viruses, trojans, worms and other nasty kinds of code that float around the nightmarish Windoze world. The free anti-virus app I recommend for Windoze (and you need one when using Windoze) is Avast. This AV has been around for a long, long time and offers a pretty good layer of security. You can download it for free here:

https://www.avast.com/free-antivirus-download

Avast comes with a ton of modules, and in the name of System Speed I usually do not install them all. The less software you install on Windows, the faster it will run, and I think the full set of Avast features is a bit of overkill. So I never install all the options.

I only install the most important modules of Avast. Below is a screenshot of the installation window showing the options I usually install. You have to click on "Customize Installation" to open this install options window.

[Screenshot: Avast installation options window]

Why Boot Time Scan?

You can have a million viruses, trojans, worms and spyware files on your PC and at the same time have nothing wrong happening. The vast majority of malware files are pretty much harmless, UNTIL you double-click them.

When you execute a piece of malware there is virtually no way of knowing exactly what it does. It can disseminate itself to other parts of the hard disk, it can move, delete or shuffle your files, it can do anything.

AVs try their best to block the threat and remove the malware on the fly, but sometimes the malware has its own counter-measure tricks, and some even try to "kill" the AV in order to keep doing the things they were programmed to do. Once the malware has been loaded into memory (after you double-click it) things get worse: the malware can infect some important pieces of Windoze's software, and if so, every time Windoze starts the virus will be active.

This is particularly true in the case of rootkits. Rootkits are a special kind of malware that in my view is THE most dangerous malware out there, and it is rarely mentioned. But why are they so dangerous?

Because, as the name suggests, rootkits infect pretty basic layers of the Windoze system. It is like compromising the foundation of a house: when that happens, everything on top of that foundation is compromised as well and can no longer be trusted, even anti-virus software. The vast majority of rootkits are also trojans. Hackers can download and upload files at will and even install hidden software on the PC, such as a web server or an FTP server. And the user will never know, nor see anything.

Hackers can make files virtually disappear; the files will be invisible to you. They can store their files on your Desktop and you will never even see the files there. For instance, some rootkits modify Windoze in such a way that all files starting with, for example, HIDEME_ will be absolutely invisible to the user. They can disable and enable ANYTHING in the system, and even neuter AVs.

For this reason the Avast scan mode I use most (and it is one of the reasons I prefer Avast) is the Boot Time Scan. This scan starts even before Windows loads; basically it is a scan that is performed in Safe Mode, and the chances of removing the malware in this basic state are higher.

For some rootkits not even this will suffice, so if you got infected by a rootkit my advice to you is to back up your data and format the system immediately.
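
The file-hiding trick described in this section can be spotted by comparing what the running system reports against what a trusted, offline view of the same disk reports. The following is an added example, not part of the original post: it assumes two file listings were captured beforehand (one inside the running Windows, one from trusted boot media), and the sample paths and function names are constructed for illustration.

```python
import ntpath
from collections import Counter

# Constructed sample listings (not real data). LIVE is what the running,
# possibly compromised Windows reports; OFFLINE is the same disk listed
# from trusted boot media, where a rootkit's file filter is not loaded.
LIVE = [
    r"C:\Users\alice\Desktop\notes.txt",
    r"C:\Users\alice\Desktop\report.docx",
    r"C:\Windows\System32\drivers\disk.sys",
]
OFFLINE = [
    r"c:\users\alice\desktop\NOTES.TXT",          # same file, different case
    r"C:\Users\alice\Desktop\report.docx",
    r"C:\Users\alice\Desktop\HIDEME_tools.zip",
    r"C:\Users\alice\Desktop\HIDEME_srv.exe",
    "C:/Windows/System32/drivers/disk.sys",       # same file, other slashes
    r"C:\Windows\System32\drivers\HIDEME_drv.sys",
]

def normalize(path):
    """Windows paths are case-insensitive and accept both slash styles."""
    return ntpath.normcase(ntpath.normpath(path.strip()))

def hidden_from_live_view(live, offline):
    """Paths the offline view sees that the live system did not report."""
    seen = {normalize(p) for p in live if p.strip()}
    hidden = {normalize(p): p.strip() for p in offline if p.strip()}
    return [hidden[k] for k in sorted(hidden) if k not in seen]

def common_prefixes(paths, min_count=2):
    """Count filename prefixes (text up to the first '_') shared by hidden files."""
    counts = Counter()
    for p in paths:
        head, sep, _ = ntpath.basename(p).partition("_")
        if sep and head:
            counts[head.upper() + "_"] += 1
    return {pre: n for pre, n in counts.items() if n >= min_count}

if __name__ == "__main__":
    hidden = hidden_from_live_view(LIVE, OFFLINE)
    for p in hidden:
        print("not visible to live system:", p)
    print("shared prefixes:", common_prefixes(hidden))
```

Files created or deleted between the two captures will also show up in the difference, so treat the output as leads to inspect rather than proof of a rootkit.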

Schedule and run Boot-time Scan

To schedule and run a Boot-time Scan in Avast Antivirus, follow these steps:

  • Open the Avast user interface and select Protection ▸ Antivirus.

  • Click Other scans.

  • Select Boot-time Scan.

  • Click Install specialized definitions, then click Run on next PC reboot to run the scan during the next system restart.

  • Restart your PC. When the system restarts, a Boot-time Scan progress screen appears as Windows loads.

  • For any detected threat, select which action to take, unless you have previously specified automatic actions in Boot-time Scan settings.

The scan usually takes several minutes, but the duration varies depending on the speed of your system and the number of files to be scanned. When the scan is completed (or skipped), Windows continues booting up.

It is recommended to delete any threat found, unless it is inside some data sheet or document you REALLY need; if that's the case, try to clean the file.