Safe Mode Problem

J

jkores

New Member
Reaction score
0
Here's the problem.
A computer that I am repairing has a malware on it. I didn't want to run my utilities through normal windows, so I did the following.

Opened MSConfig, checked "Boot in Safe Mode"

Turns out, that the malware forces the Computer to Reboot when trying to boot into safe mode. I have attempted to make it boot from normal windows again, but can't seem to get it to work, even when i bring up the boot menu or advanced boot options.

Any suggestions?
 
My first guess with the information you provided, is that the malware deleted or modified the registry key which allows Windows to boot into safe mode.

Code: 
HKLM\System\CurrentControlSet\Control\Safeboot

If you use a live cd you can mount the remote registry hive and take a look at those keys.
 
jkores said:
I am using Hirens For my live CD running on Mini Windows.
Where could i find this?
Click to expand...

I am not familiar with Hirens but I did a quick Google search and it looks like Hirens has this program that should work, Registry Editor PE.
 
You will need to fix that Safemode problem but after the spyware is removed you may find additional items to fix... in the meantime, I suggest that you remove the hard drive and attach it to your tech bench computer and run your cleaning programs from there.
 
gikstar said:
You will need to fix that Safemode problem but after the spyware is removed you may find additional items to fix... in the meantime, I suggest that you remove the hard drive and attach it to your tech bench computer and run your cleaning programs from there.
Click to expand...

I agree with gikstar. Connect the drive to your tech bench computer and clean it as much as you can from there. I would use a combination of D7 and Antivirus. You'd be surprised it may fix the the safemode problem too. Good Luck!
 
gikstar said:
You will need to fix that Safemode problem but after the spyware is removed you may find additional items to fix... in the meantime, I suggest that you remove the hard drive and attach it to your tech bench computer and run your cleaning programs from there.
Click to expand...

+1 for benching the HDD. You may also want to try TDSSKiller.
 
Good suggestions from the others...

Not telling you how to do things, just interested, but why didn't you F8 into safe mode? That would avoid this issue.
 
phaZed said:
Good suggestions from the others...

Not telling you how to do things, just interested, but why didn't you F8 into safe mode? That would avoid this issue.
Click to expand...

Not saying this is the case here, but I have come across instances where the malware disables booting via safe mode.
 
You must log in or register to reply here.

Similar threads

Digital Funland
  • Question Question
Problem on Multi-OS bootable usb made with ventoy
Replies
19
Views
543
Digital Funland
Digital Funland
LordX
Can't get Bitlocker to work - Path specified in BCD is incorrect
Replies
10
Views
2K
Philippe
Philippe
Appletax
AVG hosed the OS - BSODs, bootrec/fixboot "Access is Denied"
2
Replies
25
Views
3K
britechguy
britechguy
lan101
acer aspire a315-24pt cannot boot to anything
2
Replies
20
Views
2K
NviGate Systems
NviGate Systems
Larry Sabo
ASUS Vivobook keyboard not functional in Windows, but does in WinPE
2
Replies
23
Views
2K
Porthos
Porthos
Back
Top