Clean an Infected Computer via Safe Mode with Networking

Aug
28

Clean an Infected Computer via Safe Mode with Networking

Dan Steiner
Aug 28, 2013




What is Safe Mode with Networking?

To understand Safe Mode with Networking, you must first understand safe mode. The idea behind safe mode is actually quite simple: it is a boot mode in Windows that launches a minimal set of device drivers while disabling nearly every startup item (i.e. only necessary startup items are loaded upon booting into Windows). Safe mode is useful for troubleshooting problems that may arise with your PC, such as removing malware.

As the name suggests, Safe Mode with Networking follows the same rules as safe mode (e.g. minimal drivers loaded, startup items disabled, etc.), with the addition of network adapter drivers being loaded. Thus, Safe Mode with Networking is useful whenever you need to troubleshoot your computer, but also require an Internet connection.

Why Does Safe Mode with Networking Work for Malware Removal?

When malware has infected your PC and you boot into Windows normally, 99.99% of the time, the malware becomes active along with the rest of the drivers, programs, and more that usually load as well. This makes removing malware completely next to impossible, as the moment you reboot your computer and boot into Windows normally, the malware will reload as well. In some cases, the malware will reinstall itself the moment you remove it while booted into Windows as usual as well. To put it simply, think of malware as having a “defense mechanism” that cannot be fully uninstalled whenever you are booted into Windows normally. The malware has the ability to automatically reappear after you attempt to remove it thanks to the “defense mechanism,” meaning you need a more discrete “plan of action” for removing the malware.

That is where booting into Safe Mode with Networking comes into play. Because drivers, startup items, and more fail to load when booting into Safe Mode with Networking, so too does the malware fail to load as well. And do you know what else fails to load? The malware’s “defense mechanism” we discussed a second ago. Thus, by properly removing the malware, you will also remove the “defense mechanism” we discussed a second ago, meaning the malware is fully removed from your computer.

Windows XP / Vista / Windows 7

  1. Turn Your Computer Off

    In order to access Safe Mode, we first need to turn the infected computer completely off. It’s important to fully power the computer down. Going into Standby Mode or Hibernate will not work.

  2. Power On, then start tapping F8.

    Once you’ve powered the computer back on, you can then start tapping the F8 key on your keyboard.

  3. f8 keyboard safe mode

  4. Select Safe Mode with Networking

    Using the arrow keys on your keyboard, highlight Safe Mode with Networking, and press Enter.

  5. safe mode networking

  6. Log into your User Account

    Once your computer reaches the log on screen, you can now type in your password and log on to your account.

Windows 8

Keep in mind: Getting into Safe Mode can be tricky with Windows 8. If you’re unable to get in: drop us a line.

  1. Restart your computer

    It’s as simple as that. Go ahead and reboot the computer normally.

  2. Use Keys to Enable Advanced Bootup

    At the login screen, hold the Shift key, while also using your mouse to select the Reboot button.

  3. Select Select Safe Mode with Networking

    After booting into Safe Mode with Networking, continue the removal guide below.

The Cleanup Process

Now that we’ve booted into Safe Mode with Networking, we need to start cleaning up the system. The following programs should be run in order. Each program serves it’s own purpose, and no single program will fully clean up your computer. If you’re having trouble with any of the steps below, leave a comment and a technician will respond with suggestions.

  1. Get RogueKiller

    RogueKiller is a fantastic little program that will check for hijacked registry keys, your PC’s processes, and various other areas that malware infects. It’s absolutely free and takes only a few minutes to open and run. You can download RogueKiller from the author’s website or below.

  2. Rogue Killer

    • FREE (32Bit / 64Bit)
    • Tigzy (Website)

  3. Download and Save RogueKiller

    Download the proper version of RogueKiller to your computer, ensuring it’s saved in a location you can access (Desktop works best!) Most new computers will require the 64-Bit version, while some of the old systems, such as Windows XP, require the 32-Bit version. It’s not a big deal if you accidentally download the wrong version, simply re-download the proper version if it won’t run.

  4. Launch RogueKiller

    After you have downloaded RogueKiller, double-click the program to launch it. Allow RogueKiller to load, select Accept on the prompt asking you to agree to the EULA statement.

  5. rk_main

  6. Start the Scan

    Now that we have RogueKiller open, go ahead and click the scan button. It may take a few minutes to finish scanning your computer.

  7. Delete all Malicious Files Detected

    After RogueKiller has finished scanning, it may have found a few detection’s. If this is the case, select Delete. Once the malicious files have been deleted, close the program.

  8. Download Malwarebytes Anti-Malware

    The second tool we’re going to run is called Malwarebytes Anti-Malware. This software is no doubt, the most effective software available. The software is absolutely free, yet there is a paid version (Malwarebytes Anti-Malware Pro) available for only $25. If you can afford to purchase the full version, it is worth it as it will provide real-time protection against malware going forward.

  9. Malwarebytes Anti-Malware

    • FREE / $24.95 USD (Lifetime)
    • Malware Scanner Utility (No Protection)
    • Malware Scanner + System Protection

  10. Install Malwarebytes Anti-Malware

    Install Malwarebytes Anti-Malware in the same way as you would install any other program. After the installation process has completed, it is time for you to scan your computer thoroughly.

  11. Run Full Scan with Malwarebytes Anti-Malware

    Choose Full Scan, select the C: drive, then select Scan. Your PC will be scanned for malware, and once the scanning process has finished, it is time to look at what was found.

  12. malwarebytes anti malware new

  13. Removing the Infected Files

    Choose the infected files found within Malwarebytes Anti-Malware, and select Remove Selected. This will delete the infected files completely. Once deleted, the software may prompt you to reboot your computer. This is normal. Go ahead and let Malwarebytes reboot the computer.

  14. Remove Browser Hijack/Extensions

    Another important aspect of malware removal is browser hijacks and extensions. If your web browser is packed with junk toolbars, extensions, and other plugins, there is a much higher chance of malware sneaking into your computer. AdwCleaner is our tool of choice when it comes to cleaning this part of the system. Instead of having to manually remove each one, AdwCleaner takes care of everything in 1 click.

  15. AdwCleaner

    • Adware / Spyware Cleaner
    • Free
    • Xplode

  16. Install AdwCleaner

    After you have downloaded AdwCleaner, double-click on the program. AdwCleaner will be installed and open it’s main interface.

  17. adwcleaner new main interface

  18. Run AdwCleaner

    Once you have AdwCleaner open, go ahead and click the scan button to allow AdwCleaner to look for junk on your computer.

  19. Delete the Detected Files

    Select Delete to begin the removal process of the infected files. After the files have been removed, a window will display that asks you to close any open programs. Select OK so your PC can reboot. AdwCleaner will automatically reboot your computer.

  20. Log Back Into Windows

    Once you’ve logged back into Windows, AdwCleaner will open a document with a log of all the junk it removed. It’s safe to close this window.

  21. Open Your Web Browser

    Check to see if your web browser does not have any toolbars and/or other annoying pieces of malware do not load (e.g. hijacked pages loading, browser extensions you did not install, etc.). If everything looks clean, then that’s great!

  22. Check for Hidden Infections

    Some modern computer infections can remain hidden, even after the first few scans. It’s a good idea to run a quick scan to ensure the computer really is clean. To do this, we recommend TDSS Killer by Kaspersky.

  23. Download and Install TDSSKiller

    TDSSKiller is free, fast, and extremely effective.

  24. Kaspersky TDSS Killer

    • FREE
    • Specialty Malware Removal Utility
    • Kaspersky Labs

  25. Run Scan With TDSSKiller

    Select Start Scan to scan your PC for rootkits. Once the scanning process has finished, a screen will be displayed that states whether or not any infections were found on your PC. If an infection was not found, then great; you’re all done! However, if an infection was found, read on to remove the found infections.

    tdss killer scan

  26. Remove Found Rootkits

    Select continue to allow TDSSKiller to clean the infections. It’s generally safe to leave any found infections to their default settings. If you’re unsure of something, drop us a comment below.
    After the infected files found have been cleaned, select Reboot Now to reboot your PC.

  27. Clean Junk Files and Registry

    CCleaner is an incredible utility that removes unused files, temporary Internet files, cache, cookies, and more from your PC so that it can run much more optimally. In a sense, CCleaner removes the “gunk” from your computer, allowing you to free up hard disk space and system resources. It’s a great way to put the finishing touches on removing malware from your PC, and a great program to use a few times per month.

  28. CCleaner

    • FREE / $24.95 USD
    • System Cleanup Utility + Tools
    • Automated Cleanup + Additional Features

  29. Download and Install CCleaner

    Double-click on CCleaner to begin the installation process. You may want to uncheck some of the addons that appear in the installation.

  30. Run CCleaner

    Open CCleaner. If prompted, use the intelligent cookie scan (saves time). Then click on the Cleaner tab if it isn’t already defaulted. Then click Run Cleaner, then OK to allow the program to delete temporary files.

  31. ccleaner temporary files

  32. Clean the Registry

    Another aspect to clean while performing malware removal is the registry. When your computer becomes infected, settings in the registry are changed. Running the registry cleaner built into CCleaner will take care of all that, while optimizing your computer to run it’s best. It’s comparable to an oil change in a car.
    Click the Registry tab on the left, then click on Fix Selected Issues.

  33. Update Plugins and Drivers

    It’s extremely common for malware to sneak into your computer via outdated plugins and software, such as Adobe Flash and Java. We highly recommend updating these two plugins. Other plugins to update are: .NET, Java, Silverlight, Air, Shockwave, and JDK. For a quick and easy to update all these plugins at once, check out Ninite.com

  34. Using Ninite to Update Plugins (Optional)

    To use Ninite to update all the plugins and software, simply click each check box next to the appropriate piece of software. Once you’ve selected all the necessary plugins, click Get Installer.

    ninite installer plugins

  35. Run the Installer

    After you open Installer, the programs and plugins that you selected will download and install automatically, ensuring you that you have the current versions. Depending on how many programs and plugins you selected (and how fast your Internet connection is), this could take a while, so be patient, sit back, and allow Installer to finish working its magic.

  36. That’s It!

    You’re all done, and your computer should be malware free! If this guide helped you, please take a moment to leave a comment or click one of the social share buttons to support our efforts!

Author: Dan Steiner
Was This Guide Helpful
Clean an Infected Computer via Safe Mode with Networking
3 votes, 4.33 avg. rating (82% score)

2 Comments

  1. I am unable to even get online to download the vr removal programs you recommend. Is there a solution other than wiping clean the hard drive and re-installing everything?

  2. Hi there, i have faith that i actually found a person went to the weblog as a result my spouse and i reached turn back this favour? . I am seeking items to improve my site! Perhaps their sufficient to make use of some of your current ideas!

Leave a Comment

Your email address will not be published. Required fields are marked *