Most of the self-help books that have been written about XP say the same
thing: if you can’t start XP in Safe Mode, you might have a virus so run an
anti-virus program. Well, all of my anti-virus packages were downloaded, so I
have no install disks. But even if I had an install disk, if I can’t boot
Windows, or I can’t connect to the internet, a disk won’t do me any good. So
how do I run an anti-virus scan under these conditions? And if I reformat and
reinstall XP, isn’t there a possibility that a virus could attach itself to the
new install if I haven’t eliminated it before hand?
You’re experiencing a definite chicken-and-egg situation. You need to run an
anti-virus program to possibly fix Windows, but you need to be able to run
Windows in order to run the anti-virus program.
Seems like a no-win situation.
There are approaches and they all begin with booting something
When things are this broken, I often suggest just reinstalling Windows. If you do reformat and reinstall, you’ll be erasing everything – including any viruses – so you don’t have to worry about them tagging along. If you rebuild the system in the correct order, you can stay safe from the beginning and be virus-free.
The problem, of course, is that this is a lot of work and erases everything, including all of your programs and data. If you’ve backed up properly, this shouldn’t cause you too much grief; on the other hand, if you’re like too many people, losing all of that data may be a real problem.
So, we’ll look at a couple of options that don’t involve a complete reformat.
Microsoft Standalone System Sweeper
Using another computer, download and burn to CD the Windows Defender Offline.
This relatively new tool is probably exactly what you need. It’s a version of Microsoft’s anti-malware software that runs directly from the CD when you boot it.
Make sure to download the latest version so that the most recent threats are covered.
Bootable anti-malware discs
Several anti-malware companies actually also provide recovery disc images that you can download for this purpose as well.†
In fact, you’ll note a common thread: “rescue” media of some sort. If you have a favorite anti-malware tool, it’s worth searching for that “tool-name rescue CD” and you may find that they have one available.
Download that, burn it to CD, and boot your affected system from it to begin the cleanup process.
All-in-one Utility CDs
There are several popular free CD images available that contain collections of tools that can be used not only to recover from malware infections, but also to perform other maintenance and repair on otherwise compromised machines.†
Each of these CDs are free downloads, and when burned to CD, they create bootable media that you can use to recover and repair your unbootable machine.
Many, if not most, distributions of Linux are free. Another approach is to use one of the Linux “Live CDs”.
Live CDs are free, downloadable images that can be burned to CD. Boot from that CD and your machine is running a version of Linux without having to make any changes to your system or hard disk. You can then run anti-virus software or other tools against the Windows installation on your hard disk.
The most popular Linux Live CD is Knoppix.
Another promising Live CD is Ubuntu. Ubuntu’s Live CD doubles as its install CD should you ever want to switch.
The great thing about all of these bootable CDs is that once you do boot, even if you can’t perform the virus scan, you can still examine your Windows hard disk and possibly repair problems by hand, or at least recover files before taking more drastic action.
Because I tend to be a computer geek, I have copies of both Knoppix and Ubuntu lying around, and I am typically prepared to grab the latest Microsoft System Sweeper, should I need it.
† Products listed are just examples for reference and no endorsement is implied.
(This is an update to an article originally published July 17, 2006.)