MSConfig hacked: Malware gone; still affecting startup

[fogyreef]

Update to my previous thread, but this is a substantially different question. The malware that I caught seems to have hacked the System Configuration manager such that at any time either the Startup Selection under General is Selective, or the boot options under Boot are set to safe boot.

Everytime I try to change them both to normal/no safe boot, the one on the other tab reverts to safe mode. Something is forcing at least one of the tabs to stay in safemode.

I've run the gambit, from Malwarebytes, AVG, Kickstarter, Windows security, CCleaner, etc.


Thoughts?

 

[RaDiKaL_]

If MalwareBytes, CCleaner and the antivirus of your choice have done what they could and still having issues, it's likely that in the process some files or registry records have been altered (beyond what CCleaner and other software can fix), then you should consider repair your windows installation with its recovery/installation disc.

 

[moulderhere]

PLease download Kaspersky Rescue DVD on another pc burn the iso to disc and boot of the dvd on the infected pc

http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso

Adjust the settings to ensure a deep scan, be connected to the internet through a wired connection and do all updates.
Do a full scan on the infected pc, remove all results.

Once that is fully clean, running Spybot within safe mode, and then look at starting the process to restore from previous saved state or back up data to reinstall windows.