|
Summary: It's hard to run a anti-virus scan if you can't boot from the hard drive. To run an anti-virus or other scan, you'll need to take some special steps to boot from something else. Most of the self-help books that have been written about XP say the same thing - if you can't start XP in safe mode you might have a virus so run an anti-virus program. Well, all of my anti-virus packages were downloaded, so I have no install disks. But even if I had an install disk, if I can't boot Windows, or I can't connect to the internet, a disk won't do me any good. So how do I run an anti-virus scan under these conditions? And if I reformat and reinstall XP, isn't there a possibility that a virus could attach itself to the new install if I haven't eliminated it beforehand? You're experiencing a definite chicken-and-egg situation. You need to run an anti-virus program to possibly fix Windows, but you need to be able to run Windows in order to run the anti-virus program. Seems like a no-win situation. There are approaches, but they all revolve around booting something else. • When things are this broken, I often suggest just reinstalling Windows. If you do reformat and reinstall, you'll be erasing everything - including any viruses. If you rebuild the system in the correct order, you can stay safe from the beginning and be virus-free. The problem is that this erases everything, including all your programs and data. If you've backed up properly, as you should, this shouldn't cause you too much grief. On the other hand, if you're like too many people, losing all that data may be a real problem. So we'll look at a couple of options that don't involve a complete reformat. Since you don't have install media for your anti-virus programs, you might consider purchasing one. Some may actually allow you to boot from their install media, and run an anti-virus scan right then and there. (Be sure to check before you purchase - I'm relatively certain this is uncommon feature. Another approach is to download (on another computer, of course) and burn to CD a stand-alone bootable operating system. "...another approach is to use one of the Linux 'Live
CDs'"
If you're technically adept, you can make your own bootable version of Windows using something called BartPE. Since Windows is not free you can't just download a copy - any copy - from the internet, legally. BartPE (Bart Preinstalled Environment) is a toolkit that allows you to create a bootable CD using the copy of the Windows CD you already own. Many distributions of Linux, on the other hand, are free. Hence, another approach is to use one of the Linux "Live CDs". These are free, downloadable images that can be burned to CD. You can then boot from the CD and have a running version of Linux without having to make any changes to your system or hard disk. You can then run anti-virus software against the Windows installation on your hard disk. The most popular Linux Live CD is Knoppix. This article from "Knoppix Hacks" describes using Knoppix to perform a Virus Scan. Another promising Live CD is Ubuntu. Ubuntu's Live CD doubles as its install CD, should you ever want to switch. The great thing about all of these bootable CDs is that once you do boot, even if you can't perform he virus scan, you can still examine your Windows hard disk and possibly repair problems by hand, or at least recover files before taking more drastic action. Since I tend to be a computer geek, I have copies of both Knoppix and Ubuntu lying around. If you don't have an Anti-Virus program that you can boot from, my recommendation for most is to create or have someone help create a BartPE bootable disk, and then download or use the Anti-Virus software you're already familiar with. There's one more approach that's worth looking into, and that's a repair install of Windows. You perform a repair install by booting from your Windows installation CD and selecting repair install when asked. The good news is that it doesn't erase everything, and may get you back to a point where you can boot your machine normally. The bad news is that it doesn't erase everything, so the viruses or spyware that got you to this point may still be lingering about. The approach to take is to use the repair install to get a bootable version of Windows, and then immediately run your anti-virus and anti-spyware scans. Possibly more than once. Of course if the problem remains, you'll need to look into the other approaches already discussed. Related:
Article 10512 | Posted July 17, 2006 |
Stay Informed Archives Advertisers |
•
I used Knoppix to recover from an LSASS error (endpoint format is invalid). Since the error occurred before the Windows Desktop loaded and I couldn't even boot in SAFE mode, I booted from a Knoppix CD, navigated to my data, and saved them to a portable USB hard drive. Although I was totally unfamiliar with the user interface (I can barely SPELL Linux), it was intuitive enough for me to use easily. I then formatted and re-installed.
Posted by: Schnazola at July 18, 2006 06:10 AMThanks, Shanzola for the encouragement. I have a hard time spelling SPELL if that gives you a clue about my computer expertise. You've given me the encouragement to give it a try. And thanks to you too, Leo for another informative article!
Posted by: Mary at July 18, 2006 09:23 AMIf you can, please help me...
Posted by: Andy Daranga at December 26, 2006 01:57 PMI have a boot virus that doesn't alow me to install windows (any type XP,2k) it creates an error at instalation and it restarts the PC after installation. I used Ultimate boot disk cd 3.4 and it doesn't recognises the virus, only the bios antivirus. If you can, please let me know what to do because I'm out of options. Thank you.
Try Live CD suggestions in the article: knoppix, for one example.
Posted by: Leo Notenboom at December 26, 2006 10:24 PMthank you!
Posted by: kait at September 19, 2007 04:50 PMHi, i have a small problem with mt Dell Inspiron 600 LapTop,i cant boot it up at all.infact am its a virus.i cant boot in Safe neither can boot in command Prompt.so i need help urgently.thanks alot
Posted by: Martin Williams at October 10, 2007 02:19 AMIf you have a second PC you can hang the (possibly) infected drive on the second PC as a slave drive and scan it that way.
Posted by: Peter Moreland at February 2, 2008 07:56 AMHere's a question, once upon a time I remember Nortons antivirus disk being bootable with a Dos scan and virus removal utility in it. does anything like that still exsits? and if so what company still makes it it was fantastic if you thought you were infected and couldn't boot. scanned EVERTYHING , you'd load your dat files a floppy after you booted to the CD and run it from there.
Posted by: Max Taylor at March 20, 2008 02:01 PMTry to use Avast boot scan. It runs before Windows GUI is loaded. It is also free for non-commercial use. This is no advertisment :) I use it too in this situation. http://avast.com/
Posted by: chaleem at March 21, 2008 10:52 PM-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Another approach are to use the Linux "live" CDs like
Knoppix, or to build a Windows Boot CD yourself using a tool
like BartPE. Unfortunately a Windows boot CD cannot be
distributed (it's piracy of Windows), but you can make your
own using your own copy of Windows if you think to do so
before you have a problem.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFH5unLCMEe9B/8oqERAvL9AJ9so++uWjKncsUdUYyY4EJ7tv3t/wCbBCQu
Posted by: Leo A. Notenboom at March 23, 2008 04:37 PMnIb894jJdsuliQ3nQhg5m8I=
=dUmk
-----END PGP SIGNATURE-----