Trojan (?) will not allow safe mode, but *will* allow normal boot

Posted by Tyrenta on June 23, 2007, 3:29 pm
Apologies for the dual post -- wrong group earlier:

I've managed to cause more trouble than I solved -- attempting to
repair a friend's PC that was LOADED with virus/trojans, but it would
not let me boot into safe mode (it *would* boot normally however, but
when trying safe mode it blue screens and recycles). Trouble is I
thought I could get around it by setting /safemode in
msconfig -- bad idea as now I can't boot normally and safe mode has
the same issues, so I'm in an endless boot to safe/blue screen loop --
does anyone have any suggestions how to disable safe mode boot if it
was configured in msconfig?? Thanks


Posted by Paul Zak on June 23, 2007, 6:22 pm
boot from a CD?

> Apologies for the dual post -- wrong group earlier:
>
> I've managed to cause more trouble than I solved -- attempting to
> repair a friend's PC that was LOADED with virus/trojans, but it would
> not let me boot into safe mode (it *would* boot normally however, but
> when trying safe mode it blue screens and recycles). Trouble is I
> thought I could get around it by setting /safemode in
> msconfig -- bad idea as now I can't boot normally and safe mode has
> the same issues, so I'm in an endless boot to safe/blue screen loop --
> does anyone have any suggestions how to disable safe mode boot if it
> was configured in msconfig?? Thanks
>



Posted by cquirke (MVP Windows shell/use on June 24, 2007, 5:21 am

>I've managed to cause more trouble than I solved -- attempting to
>repair a friend's PC that was LOADED with virus/trojans, but it would
>not let me boot into safe mode (it *would* boot normally however, but
>when trying safe mode it blue screens and recycles). Trouble is I
>thought I could get around it by setting /safemode in
>msconfig -- bad idea as now I can't boot normally and safe mode has
>the same issues, so I'm in an endless boot to safe/blue screen loop --
>does anyone have any suggestions how to disable safe mode boot if it
>was configured in msconfig?? Thanks

I'd be using Bart PE CDR boot in cases like this, using the RunScanner
plugin to access the stricken installation's registry (it shells
registry-aware tools like Regedit, AdAware, Nirsoft utilities,
HiJackThis etc. so they "see" the HD registry, not the Bart one).

Expect to find trouble in...

HKLM\System\CurrentControlSet\SafeBoot
HKLM\System\ControlSetXXX\SafeBoot

...with no CurrentControlSet seen from Bart (as none of the available
ControlSetXXX will be "current" at that time).

Specifically, expect to see "AlternateShell = Cmd.exe" being changed,
to hijack Safe Cmd Only in particular.

Look for malware integrations that persist in Safe Mode, such as:
- shell =
- userinit = (look in WindowsNT, Winlogon for those two)
- file associations
- screen saver
- changes to the Administrator account

Also, kill that damnfool "[X] Automatically Restart on Errors"
duuuuhfault setting in System, Advanced, so your system will STOP on a
BSoD that you can note and quote, instead of endlessly restarting
until AutoChk has "fixed" the file system to death.

Google( Bart PE )
See also...

http://cquirke.blogspot.com/2006/07/repairing-safe-mode-safeboot.html

HTH - I know Bart isn't easy, but at least it exists, no thanks to
"what, me worry?" MS, who seems to think Windows is So Secure that it
never needs formal malware cleanup because it never gets infected.

See also...

http://cquirke.mvps.org/reinst.htm

...if someone says "Just wipe and rebuild"



>--------------- ---- --- -- - - - -
I'm baaaack!
>--------------- ---- --- -- - - - -
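
An added example (not from the thread or any poster) that audits the locations named in the post above, written in Python so it can run on a separate clean machine against a regedit text export of the stricken installation's hives. Assumptions: the full key paths include `Control\` (for example `ControlSet001\Control\SafeBoot`), the SafeBoot and Winlogon baseline values are clean Windows XP defaults, the "Automatically Restart" checkbox corresponds to `CrashControl\AutoReboot`, and the sample export is constructed for illustration.

```python
import re

EXPECTED = {  # baseline, lowercased: key suffix -> values (XP defaults are assumed)
    r"\control\safeboot": {"alternateshell": "cmd.exe"},
    r"\windows nt\currentversion\winlogon": {
        "shell": "explorer.exe", "userinit": r"c:\windows\system32\userinit.exe,"},
    r"\control\crashcontrol": {"autoreboot": "dword:00000000"},  # thread's advice: 0 = stop on BSoD
}

def parse_reg(text):
    """Parse regedit export text into {key_path_lower: {value_name_lower: data}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := re.match(r'"([^"]+)"=(.*)$', line)):
            data = m.group(2)
            if data.startswith('"'):  # string value: strip quotes, unescape backslashes
                data = data[1:-1].replace("\\\\", "\\")
            current[m.group(1).lower()] = data
    return keys

def audit(text):
    """Return (key, name, found) for each deviation from EXPECTED or missing subkey."""
    keys, findings = parse_reg(text), []
    for path, values in keys.items():
        for suffix, expected in EXPECTED.items():
            if path.endswith(suffix):
                for name, want in expected.items():
                    if (got := values.get(name)) is None or got.lower() != want:
                        findings.append((path, name, got))
        if path.endswith(r"\control\safeboot"):  # Minimal = Safe Mode, Network = with Networking
            findings += [(path, sub, "subkey missing") for sub in ("minimal", "network")
                         if path + "\\" + sub not in keys]
    return findings

# Constructed sample export (not from the thread); "evil.exe" is a placeholder name.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot]
"AlternateShell"="evil.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CrashControl]
"AutoReboot"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
'''

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Each finding is a lead to inspect by hand in every ControlSetXXX, not proof of infection; a legitimately customised shell is flagged the same way.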

Posted by Richard Urban on June 24, 2007, 4:43 pm



>Also, kill that damnfool "[X] Automatically Restart on Errors"
>duuuuhfault setting in System, Advanced, so your system will STOP on a
>BSoD that you can note and quote, instead of endlessly restarting
>until AutoChk has "fixed" the file system to death.

I consider that the "dumbfault" setting! It is one of the first things I
change when setting up a new system.



--


Regards,

Richard Urban
Microsoft MVP Windows Shell/User
(For email, remove the obvious from my address)




Posted by Lady Dungeness on June 25, 2007, 2:53 am
I don't have this problem -- yet -- but I'm setting up a new system
and would like to know HOW to uncheck "Automatically Restart on
Errors." Never thought about it before -- but you guys have me
convinced!

Lady D


On Sun, 24 Jun 2007 16:43:32 -0400, "Richard Urban"

>
>
>
>Also, kill that damnfool "[X] Automatically Restart on Errors"
>duuuuhfault setting in System, Advanced, so your system will STOP on a
>BSoD that you can note and quote, instead of endlessly restarting
>until AutoChk has "fixed" the file system to death.
>
>I consider that the "dumbfault" setting! It is one of the first things I
>change when setting up a new system.
