It's been a few days since I last posted to the Redcoat blog but I came across something genuinely useful today whilst trying to repair a computer infected with the rather unpleasant 'SecuritySuite' set of viruses. One of the key tasks when trying to rid a Windows machine of malware is to get into Safe Mode which helps prevent the running of malicious software (not all but most!). However, once in Safe Mode (F8 when the computer is starting and showing the Windows startup screens), some helpful programs such as HiJackThis can't be installed. This is by design but it's frustrating to say the least. This is where this tidbit from the internet comes in, it's really aimed at folk who know what they are doing when editing the important 'registry' on a computer and if you're wondering what a registry is then (other than where you get married in England) it's probably best, at this time, to leave it alone and ask a friendly Redcoat to help. This allows the windows installer service to execute in Safe Mode and thus install helpful programs.
1. Boot into Safe Mode.
2. Create the following registry key (it won't exist by default, so create this new key):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver
(If you also want it available in Safe Mode w/ Networking, add the "msiserver" key under the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ key found here as well)
3. Edit the "(Default)" value in the new "msiserver" registry key, and enter "Service" in the "Value Data" box. Click OK, and close the registry editor.
4. Reboot back into Safe Mode, and the Windows Installer service should now run and allow you to add or remove programs in Safe Mode.
Marvellous! Credit to 'cluberti' on the msfn.org forums for this tip.
Tony
No comments:
Post a Comment