Windows Registry & Malware Removal

Example Situation: You scan/clean in Safe Mode with Dr.Web Cureit. Malware is found and Dr.Web Cureit requires a restart to finish the Malware cleaning. If you plan to do a scan/clean job with another Anti-Malware scanner (i.e., SAS Portable) in Safe Mode, should you allow the PC to reach the Windows Desktop to allow any Windows Registry changes to take place and then restart the PC into Safe Mode for the next scan? Putting it another way, do any necessary changes to the Windows Registry take place if you skip going to the Windows Desktop and just go directly into Safe Mode again (Safe Mode->Restart->Safe Mode)?

Thanks in Advance.

 

As far as I am aware:

1. If an anti-malware app asks you to restart, it is sometimes for using the delete file on reboot feature of Windows. I honestly have no idea if this gets done if you immediately go to safe mode on the next reboot.

2. However, I can tell you that when you do go directly into safe mode again, the registry won't fire anything added to the run/runonce keys (unless the value is preceeded by a * but that's rare.) There are also times when an anti-malware app adds something it needs to do a cleanup to the run or runonce keys that you probably should be doing.

If you chose not to do Normal mode so that the run/runonce keys fire, then you could, if you felt like going through the hassle, run those commands manually on your next boot to safe mode, and remove them from the registry.
Provided they don't deal with the Windows installer service or a few other odds and ends, it would work. But personally I wouldn't want to go through all that.

3. Services not configured to start in safe mode obviously wouldn't start in safe mode. Some anti-malware apps add their services to safe mode, some do not (I have no idea about Dr. Webb)