How to remove viruses from the Windows Safe Mode?

by Brendan Smith
December 15, 2021
How to remove viruses from the Windows Safe Mode?
Safe Mode, Clean PC, Remove malware, GridinSoft Anti-Malware
Written by Brendan Smith

The majority of viruses that are widespread nowadays can be removed from your PC without any additional setups. However, some “serious” examples of computer viruses can block the anti-malware software usage, or just load the CPU so much that the security tool will fail to start. For that case (and some other actions) Microsoft added the Safe Mode to their operating system.

What is Safe Mode in Windows?

During the standard startup process, Windows launches tens of services and all applications that were added to startup. All these things are essential for OS correct work and also for better user experience. Services in Windows provide a lot of essential things, like managing the DLLs between programs or user access to shared folders. But sometimes they must be disabled – and let me explain why.

Malware tries to provide itself sustainability in your system. Usually, it just adds itself to your startup – using the Run hive in the Windows registry. Thus, it obtains the ability to launch together with the system start, regardless of your actions. Coin miners additionally change the Group Policies to make their .exe file starting with the highest priority. This mode allows you to launch the quasi-clean system – without all startup programs, launch rules, or other things that can be dictated by malware.

Coin miner Task Manager

Coin Miner overloads the CPU, which makes the anti-malware software functioning impossible

Thus, you can already understand when the Safe Mode is needed. The situations when malware creates too much load on the system, or when it forcibly prevents the launching of any of the anti-malware programs are just the direct indication for using this Windows mode.

How to remove viruses from a computer in Safe Mode?

Just as in a usual Windows boot. The only problem is that “as usual” will not work when the computer is under attack. Even if you had a security tool on your computer before the attack, malware could corrupt its files, or even delete it completely. Using Microsoft Defender will not work either: it does not work in Safe Mode because of the disabled services. The only solution for malware removal in this mode is a third-party program. But before we step up to the exact removal process, let’s see how to reboot your computer into a Safe Mode.

Enter the Safe Mode on Windows 7

Different Windows versions have different ways to enter the Safe Mode, and also a different interface of this system mode. In Windows 7, perform the following steps:

  • Press Win+R, then type “msconfig” in the search bar. In the appeared window, click the Boot tab.
    • Msconfig Run

  • In this tab, opt the Safe Mode → Minimal in the Boot Options column. Press Apply and OK to save the changes.
    • Msconfig Safe Mode

  • System will offer you to reboot the PC. Agree with this offer – and you will see your system rebooting right into a Troubleshooting screen.
    • Safe Mode Win7

  • In the Troubleshooting mode, choose the Safe Mode with Networking, and proceed to the paragraph with malware removal guide.

Enter the Safe Mode on Windows 8/8.1/10/11

  • Press Start button, then click on Restart while holding the Shift button on your keyboard. Your PC will be booted into a Troubleshooting screen.
    • Troubleshooting screen

  • Click on Troubleshoot → Advanced options.
    • Advanced options Win10

  • On that screen, go to Startup Settings and press “5” to call the Safe Mode with Networking.
    • Startup Settings

Malware removal in the Safe Mode

As I have mentioned before, malware removal in that Windows mode requires a third-party anti-malware program. Such a need is dictated by the essence of the Safe Mode – most of the services, including ones that are crucial for Windows Defender work, are disabled. Moreover, malware could stop it even before you decided to perform any counteractions. That’s why I’d recommend you to use GridinSoft Anti-Malware.

Download GridinSoft Anti-Malware

GridinSoft Anti-Malware is an easy-to-use program that can clean your computer effectively for free. It has a free trial period that lasts for 6 days – more than enough to make your system clean. Just type your email address – and the key will be sent to your email. Paste that key in the field and you are ready to go!

GridinSoft Anti-Malware trial license

Remove malware with GridinSoft Anti-Malware

Launch the full scan of your device. It usually takes less than 20 minutes, but may be longer on weak systems. You can use your PC as usual.

Gridinsoft Anti-Malware during the scan process

When the scan is finished, you will see the list of detected malware. Click on Clean Up to get rid of all detected malware. This procedure will take less than a minute.

GridinSoft Anti-Malware after the scan process

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
How to remove viruses from the Windows Safe Mode?
Article
How to remove viruses from the Windows Safe Mode?
Description
Safe Mode is made specially to clean your system up from malware. However, it is not 100% how to remove malware in Safe Mode - when Defender is not working.
Author
Copyright
HowToFix.Guide
 

About the author

Brendan Smith

I'm Brendan Smith, a passionate journalist, researcher, and web content developer. With a keen interest in computer technology and security, I specialize in delivering high-quality content that educates and empowers readers in navigating the digital landscape.

With a focus on computer technology and security, I am committed to sharing my knowledge and insights to help individuals and organizations protect themselves in the digital age. My expertise in cybersecurity principles, data privacy, and best practices allows me to provide practical tips and advice that readers can implement to enhance their online security.

View all posts

Leave a Reply

Sending