The FBI Moneypak malware just landed on my backup Dell computer. This new
version won’t let you start the system in Safe Mode. Do you have any
suggestions? Searching the internet yields some suggestions, but I wonder if
they are worse than the malware itself?
Become a Patron of Ask Leo! and go ad-free!
Yes, it can be interesting to search the internet for solutions to specific
viruses or malware.
Very often, you’ll find some reputable sites that will actually have some
very good malware removal instructions and those sites tend to be the sites
associated with the major anti-malware software vendors: folks like McAfee,
Kaspersky, Sophos, a bunch of others. They all have a lot of good information
about removing specific viruses using manual techniques.
There are others that are still from vendors, but their techniques always
involve, “Oh, the last step is buy and run our program.”
Bootable anti-malware CD
In a case like this, what I personally suggest that you do is to go and grab
a copy of Windows Defender
Offline. It is from Microsoft. I’ll see if we can’t get the link in the
notes for this recording.
It is an ISO; it’s a file that you download and then you burn it to a CD.
Then, you boot from that CD.
When you do so, it automatically runs Windows Defender, which it turns out
is really more like Microsoft Security Essentials. Basically, it’s their
anti-malware, anti-spyware tool. You can then do a scan of the machine without
having had to boot from the machine at all, without having to try and boot from
the hard disk at all.
Everything required for booting is on that live CD. So, if that finds
something, that may be your way out.
If not, there are other, similar types of CDs from some of the major
manufacturers that you can download, burn to a CD, and boot from. That will
kind-of, sort-of do the same thing. They will take their anti-malware software,
put it on the CD, and have that CD then run the anti-malware software
automatically when you boot from that CD.
Those are the kinds of approaches I think that you’re going to have to take, if you can’t even boot in Safe Mode.
Completely clean the machine
And finally, you know, the other alternative… To be honest, when things
are pretty bad like this (as much as people don’t like to hear it), an
alternative that is the most reliable is to back up the machine (which you can
still do; there are definitively programs that will allow you to back up from
the rescue media that you boot from, so that even though your machine doesn’t
boot, you can still back it up.)
Backup your machine.
Reformat and reinstall Windows from scratch.
That tends to be kind of drastic; I understand that. But in situations like
this, where malware has gotten itself so entrenched into the system such that
you can’t boot in any mode sometimes, it’s the most pragmatic answer.