
We'll try a bootable anti-malware CD. But in situations like this, where malware has gotten itself so entrenched into the system, sometimes reinstalling is the most pragmatic answer.

The FBI Moneypak malware just landed on my backup Dell computer. This new version won't let you start the system in Safe Mode. Do you have any suggestions? Searching the internet yields some suggestions, but I wonder if they are worse than the malware itself?

In this excerpt from Answercast #64, I look at a machine that has a virus that is preventing it from booting, even in Safe Mode.

Malware advice

Yes, it can be interesting to search the internet for solutions to specific viruses or malware.

Very often, you'll find some reputable sites that have very good malware removal instructions. Those sites tend to be the ones associated with the major anti-malware software vendors: folks like McAfee, Kaspersky, Sophos, and a bunch of others. They all have a lot of good information about removing specific viruses using manual techniques.

There are others that are still from vendors, but their techniques always involve, "Oh, the last step is buy and run our program."

Bootable anti-malware CD

In a case like this, what I personally suggest that you do is to go and grab a copy of Windows Defender Offline. It is from Microsoft. I'll see if we can't get the link in the notes for this recording.

It is an ISO; it's a file that you download and then you burn it to a CD. Then, you boot from that CD.

When you do so, it automatically runs Windows Defender, which, it turns out, is really more like Microsoft Security Essentials. Basically, it's their anti-malware, anti-spyware tool. You can then scan the machine without having to boot from the hard disk at all.

Everything required for booting is on that live CD. So, if that finds something, that may be your way out.

If not, there are other, similar CDs from some of the major manufacturers that you can download, burn to a CD, and boot from. They do more or less the same thing: they put their anti-malware software on the CD and have it run automatically when you boot from that CD.

Those are the kinds of approaches I think that you're going to have to take, if you can't even boot in Safe Mode.

Completely clean the machine

And finally, there's the other alternative. To be honest, when things are pretty bad like this (as much as people don't like to hear it), the most reliable alternative is the following. You can still back up the machine: there are definitely programs that will allow you to back up from the rescue media that you boot from, so even though your machine doesn't boot, you can still back it up.

  • Back up your machine.

  • Reformat and reinstall Windows from scratch.

That tends to be kind of drastic; I understand that. But in situations like this, where malware has gotten itself so entrenched into the system that you can't boot in any mode, sometimes it's the most pragmatic answer.

Article C5955 - October 25, 2012

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions.


1 Comment
johnpro
October 26, 2012 3:58 PM

I have spent more time trying to remove malware infestation, with no guarantees, than doing a fresh Windows reinstall.
What a great feeling when you finally decide to reinstall... you know a genuine fix is imminent.
Jp
