The majority of viruses that are widespread nowadays can be removed from your PC without any additional setups. However, some “serious” examples of computer viruses can block the anti-malware software usage, or just load the CPU so much that the security tool will fail to start. For that case (and some other actions) Microsoft added the Safe Mode to their operating system.
What is Safe Mode in Windows?
Safe Mode is a setting available in every Windows Operating System (version 7 and later), and it is the last option you should get, before you decide that the operating system is beyond repair. It allows you to repair system errors that could put your PC at risk, such as a computer virus, and temporarily restores the system to the previously healthy state.
This system mode means that a great number of system services will not start together with Windows (as it usually does). Besides system services, Windows also ignores the programs in the startup list. It may cause sound or graphics problems, but the main benefit is much bigger. Originally, this model was designed to make the diagnostics process easier. While the majority of system elements are not running, you can easily understand if the problem is related to hardware issues, or there is a software bug. However, it also gives a huge handicap in malware removal.
Safe Mode in malware removal process: why is it needed?
In the vast majority of cases, malware removal can be performed without any additional activities: just launch your anti-malware program, scan your PC and you’re good to go. But things turn worse when we are talking about something more complicated than adware or unwanted programs. Most of the modern ransomware variants, as well as spyware and backdoors, are able to prevent the anti-malware software from launching. Moreover, they can even forbid the launch of AV-tools installation files. Such viruses as coin miners, on the other hand, create a problem in another way – just by consuming almost 90% of your CPU power. None of the antivirus programs will be able to run correctly in such conditions.
Safe Mode allows you to ignore the changes that malware did to your PC. All prohibitions or autorun entries will not be effective when the system has the rule to run with a minimal (~10%) amount of settings. Hence, malware will not be able to affect the antivirus program job – in either direct way or through the changes in system settings. Sure, such a system mode is not comfortable for everyday use – but who said that a special troubleshooting mode can be used for a regular job?
How to enter the Safe Mode?
Since the appearance of this ability in Windows 7, the access to this system mode and its appearance have changed two times. In Windows 7, you need to press Win+R to call a Run window, then type msconfig and press Enter. In that window, opt on the Safe Mode with suboption Minimal. Press Apply and OK to save the choice.
Then, the system will offer you to reboot the computer – in order for the changes to take effect. Apply this action – and you will be booted just to the needed system mode. Choose Safe Mode with Networking and proceed to malware removal.
n Windows 8, this procedure was made easier – you just need to click the Reboot button while holding the Shift key on your keyboard.
Then, in the Troubleshooting screen, you need to choose Troubleshoot → Advanced Options → Startup Settings → Safe Mode with Networking.
How to remove malware using Safe Mode?
As I have mentioned, Safe Mode disables most of the Windows Services, leaving only ones that are crucial for system work. The problem is that Windows Defender is disabled in Safe Mode, too. You cannot wake it up until you boot your PC into a normal Windows mode. To remove malware in that system mode, you need to have a separate anti-malware program installed. Exactly, the networking is needed to install it after entering the Safe Mode – malware can just block the installation.
GridinSoft Anti-Malware will be a perfect solution for removing malware using Safe Mode. This anti-malware tool has its detection databases updated hourly; it also offers Proactive Protection, which allows you to protect the system in the background. Together with the overall lightweightness of this program it will be a perfect option for any system.