Sign in to follow this  
Followers 0
seriouswrong

Using autoit to reboot into safe mode & run file

14 posts in this topic

#1 ·  Posted (edited)

Ok guys any help on this would be greatly appericated....

I know this might be off the beaten path. But I am using SC VNCUltra remote support client and when I am working on a customers machine sometimes i need to reboot into safemode to remove spyware & viruses.

This is a 2 part question.

How do you get windows to reboot into safe mode using Autoit?

Is there a way to get windows to run my support client upon reboot into safe mode? (lets call it support.exe) - If possible a quick way to remove support client from auto starting anymore when I am done with rebooting the customers machine.

You can find out mode about SC at www.ultravnc.com - my website has the auto SC web installer, www.pcexpertcare.com (this is to confirm my reasons are legit.)

Thanks!

Edited by seriouswrong

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

I can think of answer for each one that might work but both are *risky*:

1) To automatically reboot in safe mode, you would need to modify the boot.ini file so that the default boot entry contains the /safeboot switch. Then just call Shutdown(1) with AutoIt.

2) Since safe mode disables all startup/autorun programs by design, you would need to do something like changing the default shell from explorer.exe to an autoit script that launchs explorer and VNC. Make sure the script changes the shell back to explorer before it exits!

Some references

http://www.winguides.com/registry/display.php/849/

http://www.sysinternals.com/Information/bootini.html

EDIT: Let me try this in Virtual PC.... I'll let you know how it goes....

Edited by CyberSlug

Use Mozilla | Take a look at My Disorganized AutoIt stuff | Very very old: AutoBuilder 11 Jan 2005 prototype I need to update my sig!

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

in boot.ini here just example add /safeboot:minimal or /safeboot:network for safe mode with network support

example boot.ini

[boot loader]

timeout=30

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

multi(0)disk(0)rdisk(0)partition(1)\Windows="Microsoft Windows XP Professional" /fastdetect /safeboot:minimal

ofcourse remove the /safeboot option to go to normal mode after reboot

hmm almost same response but if the system logs in automaticly the startup folder in menu start does still work

Edited by MrSpacely

Share this post


Link to post
Share on other sites

None of this works on Windows 98, but it seemed to work in Virtual PC.

One other issues besides the boot.ini and shell registry key is whether a username and password is required to logon. Autologon can be enabled with: http://www.sysinternals.com/Utilities/Autologon.html

Of course if the computer's network ability is killed with spyware, you might need to run winsock fix or the command "netsh winsock reset catalog" first.


Use Mozilla | Take a look at My Disorganized AutoIt stuff | Very very old: AutoBuilder 11 Jan 2005 prototype I need to update my sig!

Share this post


Link to post
Share on other sites

None of this works on Windows 98, but it seemed to work in Virtual PC.

One other issues besides the boot.ini and shell registry key is whether a username and password is required to logon. Autologon can be enabled with: http://www.sysinternals.com/Utilities/Autologon.html

Of course if the computer's network ability is killed with spyware, you might need to run winsock fix or the command "netsh winsock reset catalog" first.

windows 98 was released in 1997 no one uses it

and with windows 98 you can change the msdos.sys to not load windows then add

win.com /D:M

or

win.com /D:N

for safe mode with networking

to the autoexec.bat

but thats besides the point who uses 98 today

that autologon thing by the registry is a really good point to autologin and have some special account for safe mode and add the fix program to that users startup folder

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

Can't exe's be set as services that run before login?

Is there anyway to have a exe run as a service without special software?

Edited by seriouswrong

Share this post


Link to post
Share on other sites

This is the reality of Windows Security; Miscrosoft attempting to secure networked computers to save us Admins from having to work so hard.

I've run into this SafeModeNetworking a number of times and have found that adding another entry to the Boot.ini for this mode works best for my situation. Once the computer checks in, I can remotely connect to it launching my bandaid script.

Share this post


Link to post
Share on other sites

Can't exe's be set as services that run before login?

Is there anyway to have a exe run as a service without special software?

I have no idea if all services run in the save mode, but...

http://www.pirmasoft.com/runassvc.php

a freeware programs wich can make any exe run as a service and also incredibly easy to use.

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

Thanks for the tips so far guys...

So it seems I could use msconfig under Windows XP to set it to boot into safe mode with networking, perhaps automade it using AutoIt :P

Now I need to find a way to launch the client still under safe mode.

Perry:

Just curious, do you do this manually or automated?

This is the reality of Windows Security; Miscrosoft attempting to secure networked computers to save us Admins from having to work so hard.

I've run into this SafeModeNetworking a number of times and have found that adding another entry to the Boot.ini for this mode works best for my situation. Once the computer checks in, I can remotely connect to it launching my bandaid script.

Edited by seriouswrong

Share this post


Link to post
Share on other sites

Cyberslug's idea of using your script as the shell is a better plan than setting it up as a service; Windows services (except for TS) can either interact with the Desktop or access network resources, but not both. Any AutoIt script has a hidden window and thus would need to interact with the desktop (as would any child apps) so the service would need to be run as interactive and thus wouldn't be able to access the network. A random discussion about this can be found here.

A possible third option: if HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System holds the path to an EXE it will be run at the same time that the login GINA appears. I don't know what restrictions or network connectivity an app has if it's run this way, I've just seen it done before...

AutoLogon + script-as-shell is probably the best option because you can change the shell only for the logging-on user; if something goes wrong you can log off, hold SHIFT to insure you get a login prompt and then log in as another user...


Yes yes yes, there it was. Youth must go, ah yes. But youth is only being in a way like it might be an animal. No, it is not just being an animal so much as being like one of these malenky toys you viddy being sold in the streets, like little chellovecks made out of tin and with a spring inside and then a winding handle on the outside and you wind it up grrr grrr grrr and off it itties, like walking, O my brothers. But it itties in a straight line and bangs straight into things bang bang and it cannot help what it is doing. Being young is like being like one of these malenky machines.

Share this post


Link to post
Share on other sites

Actually autoit just needs to scan for some spyware

It would only need rights to the registry and filesystem.

as for using msconfig

So it seems I could use msconfig under Windows XP to set it to boot into safe mode with networking, perhaps automade it using AutoIt

don't just change the boot.ini much easier then controlling msconfig

for network just add /safeboot:network to the end of the last line (where fastdetect often resides)

Share this post


Link to post
Share on other sites

#12 ·  Posted (edited)

You could use something like this to modify boot.ini safely (maintaining multiple boot lines):

$bootini = EnvGet("SystemDrive") & "\boot.ini"
$defaultboot = IniRead($bootini, "boot loader", "default", "")
If $defaultboot <> "" Then
    $attr = FileGetAttrib($bootini)
    If StringInStr($attr, "R") Then FileSetAttrib($bootini, "-R")
    
    $bootline = IniRead($bootini, "operating systems", $defaultboot, "")
    If $bootline <> "" Then
        $ok = IniRenameSection($bootini, "operating systems", _
            "operating systems backup", 0)
        If $ok Then
            IniWrite($bootini, "operating systems", $bootline[1][0], $bootline[1][1] & _
                " /safeboot:network")
        Else
            MsgBox(16, "BOOT.INI Error", "There was a problem renaming a section of " & _
                $bootini & @LF & "or the main section has already been backed up.")
        EndIf
    EndIf
Else
    MsgBox(16, "BOOT.INI Error", "There was a problem reading " & $bootini)
EndIf

And this to restore the original configuration:

$bootini = EnvGet("SystemDrive") & "\boot.ini"
IniRenameSection($bootini, "operating systems backup", "operating systems", 1)

*EDIT* Fixed long lines for readability.

Edited by c0deWorm

My UDFs: ExitCodes

Share this post


Link to post
Share on other sites

#13 ·  Posted (edited)

You could use something like this to modify boot.ini safely (maintaining multiple boot lines):

$bootini = EnvGet("SystemDrive") & "\boot.ini"
$defaultboot = IniRead($bootini, "boot loader", "default", "")
If $defaultboot <> "" Then
    $attr = FileGetAttrib($bootini)
    If StringInStr($attr, "R") Then FileSetAttrib($bootini, "-R")
    
    $bootline = IniRead($bootini, "operating systems", $defaultboot, "")
    If $bootline <> "" Then
        $ok = IniRenameSection($bootini, "operating systems", "operating systems backup", 0)
        If $ok Then
            IniWrite($bootini, "operating systems", $bootline[1][0], $bootline[1][1] & " /safeboot:network")
        Else
            MsgBox(16, "BOOT.INI Error", "There was a problem renaming a section of " & $bootini & @LF & "or the main section has already been backed up.")
        EndIf
    EndIf
Else
    MsgBox(16, "BOOT.INI Error", "There was a problem reading " & $bootini)
EndIf

And this to restore the original configuration:

$bootini = EnvGet("SystemDrive") & "\boot.ini"
IniRenameSection($bootini, "operating systems backup", "operating systems", 1)
good plan;) if something went wrong it would not even boot

good thinking

Hmm also good use of iniwrite I forgot about that just thought of filewrite

iniwrite is much better :P

Edited by MrSpacely

Share this post


Link to post
Share on other sites

I know that this is probably a bit late but it may be worth looking Here



Get Beta versions Here Get latest SciTE editor Here AutoIt 1-2-3 by Valuater - A great starting point.

Time you enjoyed wasting is not wasted time ......T.S. Elliot
Suspense is worse than disappointment................Robert Burns
God help the man who won't help himself, because no-one else will...........My Grandmother

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0