Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: virus removal from within safe mode

05 May 2011   #21

Linux CENTOS 7 / various Windows OS'es and servers

Quote   Quote: Originally Posted by Noxiide View Post
Quote   Quote: Originally Posted by jimbo45 View Post
Hi there
I keep saying to people -- it is UTTERLY NO POINT in using an INFECTED computer to remove any VIRUS -- how can you be sure that the virus removing software itself hasn't been compromised.

Say you were drilling on an Oil Platform and the drill needed sharpening, You wouldn't use a tool which was already worn out to sharpen / renew the bit would you.

Same with Virus removal -- why trust an INFECTED computer to work properly.

The ONLY IMO safe solution is a COMPLETE restore from a KNOWN Virus free backup or a total W7 re-install.

If you have data copy that to an external HDD and run a virus check against the data ON A SEPARATE MACHINE.

AV software is just that -- should protect against getting a virus -- once you have one then ONLY a RESTORE or Re-INSTALL can be guaranteed to be 100% safe.

Forget ANY AV removal software -- once you've BEEN infected it's TOO LATE. You need to catch any virus in Real time then you can take proper action.

MSE does a reasonable job at this once you've got your computer working properly again.

You don't need to revert back to an image every time you get a virus, usually, if the AV finds the virus it will get rid of all of it, and if it doesn't, then you revert back.

Plus, I don't even have Acronis True Image or any other image program, and I've heard that some virus's implant themselves into system restore points sometimes, so restoring may not work.

People don't want to reformat and clean install often, so of course they are going to try and get rid of it first with AV's.
Hi there
I don't think you read my post properly
I said use a BOOTABLE BACKUP of a known CLEAN IMAGE -- this has 100% NOTHING to do with Windows "Restore points" -- I pointed out in my post that you shouldn't in ANY WAY use ANY PART of the INFECTED OS to repair the computer.

A Bootable restore loaded from a READ ONLY CDROM is not going to be infected. We have to assume that you created the BOOTABLE RESTORE medium from a clean system - but that should be taken as a given.

OK if you want to do post analysis on how or why your computer got infected then use a Virtual Machine as a sandbox.

I'm of the sort of school that just wants to get a machine working again -- I really don't care HOW or WHY it got infected - but if thats your interest then fine.

I still would NEVER EVER trust even a "Cleansed" computer that had been infected - no matter how good the AV removal software is -- and these days restoring a typical home computer W7 partition with something like Acronis True Image only takes around 20 - 40 mins -- so restoring IMO is a "No Brainer" solution.


My System SpecsSystem Spec
06 May 2011   #22

Windows 7 Home Ultimate 64-Bit, Ubuntu 10.04 Lucid Lynx, Windows XP

Jimbo, I think you're strictly correct. But the computer that I was having problems with was not mine, it was a 14 year old kid. He's not making regular back-ups, he's clearly managed to misplace all of his installation media and so clean restore / installs just arn't an option for him (short of losing all of his stuff). So, I suppose that while you're strictly correct, there's also something essentially limiting about your approach from a practical perspective. I believe that tools like MWB are so useful because they can be used with a good deal of confidence to remove infections using the very same infected machine. Is it an ideal option? No. But for someone who hasn't made any backups and has lost his installation media, it's a good option.
My System SpecsSystem Spec
07 May 2011   #23

Windows Seven, Ubuntu

Quote   Quote: Originally Posted by jimbo45 View Post
Hi there
I wish NOBODY would be allowed to use a computer until they learned how important it was to take backups regularly AND ACTUALLY DO IT.

However if he doesn't have a backup then the only solution is to do a complete W7 re-install.

He could still copy DATA files (Music, documents, films, photos etc etc) to an external HDD or whatever before doing the re-install . Even with no backup program these can be copied via Windows explorer. ===> BUT VIRUS SCAN THESE ON A SEPARATE MACHINE before copying back to your computer.

As I said previously after you've re-installed W7 install MSE and then take a BACKUP before installing any software etc. This will give you a decent image to recover from in the future without having to re-install again.

Incidentally keep the OS and applications in ONE partition = W7 partition size typically around 35 - 50 GB depending on what applications are installed. Divide the rest of your disc storage up into various partitions such as DATA, scratch volumes, Multi-media etc etc.

I agree but for me it's easier than that. Keep important files on USB, only use free software that can be re installed for free. Like Lotus Symphony, GIMP, Keepass and MSE. Use noscript. If I have a problem I log in to Ubuntu and use Bitdefender to scan my USB that I know isn't infected. Then remove windows and re install from the installation cd. Update and re install free software.
My System SpecsSystem Spec

09 May 2011   #24

Win7 Ultimate 64bit

My System SpecsSystem Spec
10 May 2011   #25

Linux CENTOS 7 / various Windows OS'es and servers

Hi there

Difficult for say a "Kids" computer but its never too early to teach them about making reliable backups --

Since most of them tend to have loads of "Downloaded" music rather than physical media any more you should explain that if they LOSE their computer with the music on it - the music is GONE and can't be retrieved.

For more mature users I'd always recommend them to load software etc on to a "Virtual Machine" as a sandbox and test as decently as possible before migrating it to a real machine.

The current power of even small Laptops makes running and testing on a Virtual Machine quite feasable now and both the major players VBOX (Oracle) and VMWARE have FREE software for creating and running Virtual machines.

However if you really must cleanse a PC then use a BOOTABLE rescue CD (Or USB) such as the previous poster advises.

I would still in NO WAY ever run a Virus removal program on the infected machine itself - the OS might have been so mucked about with who knows what ANY program is really doing.

My System SpecsSystem Spec

 virus removal from within safe mode

Thread Tools

Similar help and support threads
Thread Forum
System will only start in Safe mode, Clean virus in safe mode
I recently attempted to clean my brother's computer after he aquired a virus from the torrent file program he uses. Regardless, I cleaned a trojan and a backdoor from his system from safe mode. I can not boot in normal mode. Everytime i try the system gets hung up at the windows loading screen...
General Discussion
Can not remove virus and LT is useless, unless in safe mode
Hello, I am pretty good with computers and have never been able to fix any problem on my own, but this virus has been working circles around me. First it went blue screen memory dump on me. Turned it back on and it worked fine for a few hours, but then crashed again. Every time I tried to run...
System Security
Virus windows 7 no safe mode
Hi their I'm looking for some help, my laptops got a virus and not sure how to fix it. Got a pop up box from user account control and by mistake hit yes. So switched off laptop straight away and tried to restart in safe mode. However when it starts in safe mode computer shuts down and restarts,...
System Security
Slow/freezes even in safe mode, found obfuscator virus
Hello, I downloaded a file yesterday and was alerted by MSE that it was a threat. I deemed it a false positive after scanning it with both malwarebytes and superantispyware and reading the comments of the download. Everything was fine until today when out of the blue the computer restarts and...
System Security
FBI / Bundespolizei virus without Safe mode and system recovery
Hi Gents, I had the "German" version of the virus (Bundespolizei) 2 times in the last 1 year and I managed to get rid of it. But now... One of my biggest problems is BitLocker - my hard drive is encrypted (but I have the codes) I am having the following problem now: 1. The screen after a...
System Security
BSOD happening after virus, having trouble booting into safe mode.
Hello, Recently, while I was browsing the web awhile ago, my computer had randomly begun to shutdown. I hadn't done anything to trigger this, so I simply rebooted my computer, and headed to Symantec to run a quick scan on my system. Without a doubt, multiple Trojans were detected. I removed...
BSOD Help and Support

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 03:54.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App