Viruses, Trojans, spyware, and other kinds of malware are a constant threat to any computing device that requires network connectivity. Many different types of security systems exist to combat these threats, ranging from browser plug-ins to virus scanners to firewalls and beyond. Despite these precautions, computing devices continue to be infected by threats of all types. Even when a computing device is protected by the most up to date definitions and heuristics, an attack may bypass several layers of security systems without being detected. One common type of attack is ransomware, which encrypts valuable files or even entire operating systems and holds the computing device hostage until the ransom is paid.
Unfortunately, traditional systems for remediating malware infections may not be capable of removing ransomware once a computing device has become infected. Because ransomware often locks down an entire computing device, preventing the user from interacting with other applications, a user may be unable to initiate an anti-malware scan on the computing device. Restarting the computing device into a traditional safe mode may require precise timing and may not be enough to prevent the ransomware from executing. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for restarting computing devices into security-application-configured safe modes.