Viruses, Trojans, worms and malicious specimens of all kinds roam freely on the Internet and end up sneaking into computers. Malware creators are ahead of the curve with increasingly sophisticated developments and advanced cyberattacks that take advantage of users’ inattention or negligence and software vulnerabilities that are not patched in time. It’s time to take action.
Successive lists of worst cybersecurity incidents confirm that we have a long way to go. And it’s hard to stay safe on your own. You may think it won’t touch you, until it touches you no matter how cautious you are and you have to be, undoubtedly. In today’s 100% connected world with dozens of devices in use in every home, IT security solutions are a good tool to rely on. Having at least a basic solution is highly recommended, especially in Windows operating systems, the most used and attacked and the ones we are going to focus on.
Why are ransomware antivirus so useful?
Among the large group of security solutions, the so-called ‘ransomware’ ones stand out, those that from an external drive are started before the operating system boots and thus have notable advantages over typical installed antiviruses.
It is worth remembering here that there are malicious specimens that are loaded into memory. before system startup and before the startup of the installed antivirus, so it is not able to detect or remove it. Another advantage is that the antivirus software in this group does not need to be installed on the computer and does not need to be running permanently, which reduces the resource consumption of the installed antivirus software and does not penalize performance.
If you detect abnormal operation of any component of your PC; you have random errors; you are missing files; your passwords have changed: the default applications have changed and, in general, if you notice ‘strange’ things, it is time to check your personal computer.
Creation and management
Antivirus ransomware are created on external drives in “Live” formats. which are self-booting and operate independently of the operating system. Optical media can be used, or better yet, pendrives, which are more secure and widespread today. Almost all of them are based on a GNU/Linux distribution and the vendors below offer the possibility to create them from their web page or a downloadable .ISO or .IMG image that can be managed with specialized applications such as Rufus, UNetbootin or similar.
Once created, its use is similar to other ransomware tools. You simply reboot your machine with the media inserted in its location to boot from it and if you have not done so before, placing it as the first boot device, before your PC’s storage drive.
Once started you will see different interfaces, some in text mode and others visual with quite a few functions, although they all have (almost) what we can find in the installed antivirus including the necessary virus database updates, scanning and disinfection of the boot sector and files and folders on internal or external disks. They have direct access to the disk and file system and are capable of eliminating persistent threats that are sometimes not reached by the installed ones.
Selection of free ransomware antivirus
All major computer security specialists offer some kind of free solution of this type. Unfortunately, not all of them are kept up to date in terms of interfaces and functions, although for this task it is not vital either and it is more important to update the definitions of the latest viruses detected and its scanning and disinfection capabilities..
As mentioned above, some providers offer the possibility to create the media directly from their website, with their own creation tutorial that is very similar for all of them, or an ISO or IMG image that can be used to create the media. We leave you with some of those available for free.
ESET SysRescue Live
One of the best maintained and updated with support for all Windows, client and server. It can be used from CD, DVD or USB, and like the rest independently of the operating system. It has several operating modes, “On-demand scanning”, “Smart scanning” or “Custom scanning”.
AVG Rescue CD
It offers two different images for CD or USB creation. Its interface is quite spartan and text-based but don’t be scared, it does its job, and like the rest, it updates the virus database to the latest available.
Kaspersky Rescue Disk
Kaspersky hasn’t updated the interface in a while but its Gentoo-based Rescue Disk has the great power of the leader in consumer security solutions. You download the ISO image, burn it to bootable media and use it.
Norton Bootable Recovery Tool
It offers the creation of the bootable disk with a wizard that facilitates its creation without external applications once you have downloaded the tool. Once booted with it, you will see a graphical but minimalistic interface with no customization options, with two main options: scan and wipe.
Another outdated in interface, but very simple to use because it does not have too many customization options. It loads a wizard that automatically searches for available antivirus definitions and, when you press start, starts scanning the entire system for malicious files.
Trend Micro Rescue Disk
Very simple one-click creation of rescue media from their website and with the option to choose CD/DVD or USB disk/drive. Its interface is the most spartan of the whole list, in a minimalist text mode with a few basic options.
Avira Rescue System
Offers the download of an image for media creation. Graphical interface with few functions but simple to use. Like others we have seen with a simple interface, its power lies in the search and disinfection engine and its ability to update the virus database, something that all of them do.
Bitdefender Rescue CD
Personally it is one of the ones I like the most. Or I liked it because it was deprecated in exchange for offering a Bitdefender Rescue Mode. It uses a Linux based on Xubuntu which allows for greater possibilities besides virus removal. Download the ISO from the link and burn to media. We leave you web.archive link where it is still available. Like the rest, although the version is not updated, it does download the latest definitions and does its job.
F-Secure Rescue CD
A super classic that has saved us from viruses more than once…. It’s been a long time since it was updated, but it’s another one to use. With a Knoppix base, there is no real user interface except for a text-based dialog, where you will be asked if you want to start the scan.
It does not offer direct download of an image and the only way is to create the rescue disk from an already installed Avast solution. The good thing is that it can be done from the free desktop version. You create the media and then if you want you delete it.
Keep some of these handy because sometimes they are. a must-have for taking down persistent malware which, once loaded into memory and the operating system is started, is difficult to eradicate and even to detect. In addition, these types of solutions do not penalize performance as they work independently of the PC’s operating system. They are very useful to run from time to time to check the status of the computer and eliminate security threats.