Want ideas for Virus removal if virus shows up in safemode CMD


  1. Posts : 34
    Windows 7 prof. 64 bit
       #1

    Want ideas for Virus removal if virus shows up in safemode CMD


    Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt.

    Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and scan there, what would be the way you would handle this situation. Thanks for the input
      My Computer


  2. Posts : 13,576
    Windows 10 Pro x64
       #2

    Run windows defender offline.
      My Computer


  3. Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       #3

    Here is the link for the Windows Defender Offline Tutorial

    This must be made on a clean PC to ensure the scanner isn't compromised.

    If the infection is that deeply embedded in the system, it really wouldn't be a good idea to trust it again & your best bet is a Clean Install
      My Computer


  4. Posts : 10,994
    Win 7 Pro 64-bit
       #4

    AddRAM said:
    Run windows defender offline.
    Borg 386 said:
    Here is the link for the Windows Defender Offline Tutorial

    This must be made on a clean PC to ensure the scanner isn't compromised.

    If the infection is that deeply embedded in the system, it really wouldn't be a good idea to trust it again & your best bet is a Clean Install
    to the above.
      My Computer


  5. Posts : 13,576
    Windows 10 Pro x64
       #5

    Sorry I didn`t dig up the tut, but I`m messin with my new sig.

    Isn`t it beautiful !!!!!
    Last edited by AddRAM; 27 Dec 2012 at 10:26.
      My Computer


  6. Posts : 34
    Windows 7 prof. 64 bit
    Thread Starter
       #6

    Thanks, I will try this method. They is a way of running attrib's from the command prompt and cleaning, but some of the virus's hide very well. Happy New year
      My Computer


  7. Posts : 2,464
    Windows 7 Ultimate x64
       #7

    For most "normal" viruses, I would check what things autoruns at startup, in start menu and in the registry key and task scheduler. Task manager can also show strange processes and point out the executable's location for you to delete. Most viruses can be removed in this way once you detect its presence, it's not hard if you have patience. Antiviruses are also good detecting those.

    But if you happen to got a kernel-mode virus (rootkit), it's much more complicated, because you can't trust Windows to show you the real virus (it may tamper with all system activities). For those, the only true way is a full reformat and a clean install. Trying to repair Windows from any damage often results in an even worse system and more effort, while a reinstall gets a fresh system.
      My Computer


  8. Posts : 34
    Windows 7 prof. 64 bit
    Thread Starter
       #8

    The FBI or Moneypak virus usually let you into safemode with command prompt where you could use, Malwarebytes, superantispyware, viper rescue and tdss killer, but there is a variant that pops up as soon as safemode with command prompt opens. I had to use system restore from a repair cd and then when I was back into windows I used all four scanner to find anything hiding. I did find the fake alert and some other Trojans. I am removing temp files and looking for unusual files. Thanks
      My Computer


  9. Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       #9

    In the future, once you get things cleaned up, it would be a good idea to make a system image & the next time something like this happens, you can just restore to the state the PC was in when you made the system image. Keep 2 or 3 on an external HD in case you accidentally make one with a virus. I keep at least 5 on file to revert back to, just in case....

    Backup Complete Computer - Create an Image Backup
      My Computer


  10. Posts : 34
    Windows 7 prof. 64 bit
    Thread Starter
       #10

    Thanks, I purchased Acronis and have used in the past, I will do a weekly image for now on.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:42.
Find Us