Malwarebytes in Safe Mode
I’ve talked about Malwarebytes before, it is a great virus and malware removal tool. It is not a true anti-virus, but is great for getting rid of a lot of the stuff that gets past anti-virus. Often times you can run Malwarebytes, reboot, and all the malware comes back. This is because the fake anti-virus or malware has found a way around Malwarebytes or your local anti-virus. When this happens I run Malwarebytes in Safe Mode.
For those of you not familiar with Safe Mode, it is just that. It is a safe mode version of windows that disables many programs from starting and blocking things, such as malware. You can get into safe mode by booting up your system and as soon as you see your bios screen (such as Dell, HP, Gateway, Acer, etc) start hitting the F8 key many times. Windows will not boot up and you will be asked what version of windows you would like to start. Safe Mode, Safe Mode with Networking, etc.
Let’s assume you already have Malwarebytes installed and tried to remove the infection and it didn’t work. Boot into Safe Mode per the instructions above and choose Safe Mode with Networking. When it first boots up it looks like a lot of garbage on the screen, but then will ask you to login. Login as per normal, you will get message that says you are running in Safe Mode, go ahead and click OK. Now find and launch Malwarebytes. The first thing you will want to do is go to the Update tab and update it. This is why we chose Safe Mode with Networking so we would be able to update Malwarebytes. Now go to the Scanner tab and select Full Scan and let it go. It should find and remove your infection. After it is done, reboot and let it go back into normal Windows, then you can see if the infection is truly gone.
I must warn you this method does not always work, some infections are buried in Windows to remove properly. Typically if this method doesn’t work it usually means it is time to reload the computer. But trying to remove the infection with Malwarebytes in Safe Mode is a good last resort before that.