i'm sorry to bother u again, is it really important to boot into safe mode because i canoot find how to do it in my pc f2 is setup and f12 boot maybe because i am in europe its different. oh! also when i run the hijack this and i get all the log i put a check on all the things i want to delete and then go to fix checked right!
sorry to bother u!
///EDIT BY DEXTER: Merged 2 similar threads into one thread.
when i press f8 like u guys said there are many lines that i can choose from but since my internet is in french it's probably writen something else. it's presented as follows when i press f8.
when i press f8 like u guys said there are many lines that i can choose from but since my internet is in french it's probably writen something else. it's presented as follows when i press f8.
Fast way into safe mode, on most Windows versions, is to skip the menu, use F5 and not F8 (F8 should get you the menu you listed). As soon as the screen gets done showing the config per BIOS, or if you have soemthing that shows an intel screen then DURING that screen, start pressing F5 once every second or so, for up to 5-7 times. My XP Pro here, goes RIGHT into safe mode that way, no menu.
i'm sorry to bother u again, is it really important to boot into safe mode
To answer that part of the question, YES, it is important. Many malicious programs like virsues, spyware, adware, etc, will make themselves hard to remove in normal mode in various ways:
- running as a protected service so that you cannot end it from task manager
- creating connections via the internet so that they are "active" processes
- making the OS think they are system files
Etc.
Booting in safe mode forces the computer to boot only the bare minimum of items necessary to operate, and disabling all network connections / traffic.
A question for you advanced guys-
It seems, at times, newer computer users have trouble geting into safe mode using F8. Is there a reason nobody suggests the :run/msconfig/Boot.INI path?
I realise it's more work, but there is no "timing" involved.
Very rarely have I seen people have trouble using F8 to get into safe mode. It is easier (just reboot the computer and keep tapping F8) and faster. If someone has trouble F8'ing, then the MSConfig will work fine as a last resort.
Also, MSConfig is not a Windows 2000 program. If the user is running Win2000, they cannot MSConfig, unless they manually install the older Windows 98 version of MSConfig on their Win2000 box.
Finally, MSConfig is similar to Regedit in that, if you don't know much about your computer, you should stay the heck out of it I avoid telling people to Regedit or MSConfig anything if there is an easier and safer way for them to do something. F8 is easier and safer.
Ageek: F5 on my Win2000 Pro here at my office does not take me straight in to Safe Mode, it goes to the boot window just like F8 does.
Many viruses (especially trojans) and spyware apps include, as part of their programming, subroutines that watch for certain Windows system processes that can be used to identify and overcome them, such as Regedit, TaskMgr, MSConfig, and sometimes even CMD (DOS.) Just last week I cleaned spyware off of a client's computer that killed Regedit and TaskMgr instantly on their execution. This was a Win2000 system, so MSConfig was not an option here, but I would bet that if it was an XP system, the app would have watched for MSConfig as well.
F8 cannot be defeated by malware. Thus, another good reason to tell an inexperienced user to try F8 first
Same thing with my System 1. Haven't tried it with System 2.
Hmmm.... Ok, I just know that with my XP Pro box I can use F5 to get into Safe mode. But, it is a custom configured XP box also. And, it runs in Classic mode for GUI. That set of customizations might have reverted the boot behavior registry links, and it is just possible I tweaked the XP Pro install to do that.
I have seen OEM'd boxes that do not do this, they act as your boxes do (Both to Leonardo and the person quoted by Leonardo) or have F5 almost totally mapped out of boot option set. This has been true for some 98 SE, Me, 2000 Pro, and XP boxes.
I know that on 2000 Pro Full OEM I CAN use F5 also, and in 98, Me, and 98 SE-- to get into Safe mode without networking. The XP is also a System Builder full pack, stock SP1a CD used to install. Most all security updates installed.
The reason for the F8 bypass working, is the reg entries used for GUI are not loaded yet when this bypass is used. It stops the GUI reg entries from loading, and most spyware and adware and trojans designed to attack the GUI or through the GUI are not yet loaded when you use this key. Safe mode leaves a subset of services not loaded, depending on whether or not you choose Safe Mode with networking or not, you can tell Windows not to even load networking services. This leaves the box isolated from network for troubleshooting which can sometimes also be nice and leaves more hardware resources open for things like CD runs of AV or SpyBotS&D or HijackThis or floppy runs of more basic things. The registry entries will still be there to be pulled, they simply have no service support for network vectors inward to restore themselves where trojans are involved.
Comments
sorry to bother u!
///EDIT BY DEXTER: Merged 2 similar threads into one thread.
for example.
ccvhsivhs (first option)
hdhclsdhvsv (second option
cgauckgavhg (third option)
gvusvgsivgsvg (4th)
vshviushvoshvos (5th)
vshivoshvioshvisovhs (6th)
vsjivsjovhjsiovhsovhsovs (7th)
vsjvioshvosihvoshvos (8th)
vhsivohsv (9th)
vsjvsjviosjvoshvoshv (10th)
vsvishvishvisvhsovh (11th)
which one of these is it to boot into safe mode.
//EDIT: I found the translation on Symantec's site: Mode sans échec
Fast way into safe mode, on most Windows versions, is to skip the menu, use F5 and not F8 (F8 should get you the menu you listed). As soon as the screen gets done showing the config per BIOS, or if you have soemthing that shows an intel screen then DURING that screen, start pressing F5 once every second or so, for up to 5-7 times. My XP Pro here, goes RIGHT into safe mode that way, no menu.
John D.
To answer that part of the question, YES, it is important. Many malicious programs like virsues, spyware, adware, etc, will make themselves hard to remove in normal mode in various ways:
- running as a protected service so that you cannot end it from task manager
- creating connections via the internet so that they are "active" processes
- making the OS think they are system files
Etc.
Booting in safe mode forces the computer to boot only the bare minimum of items necessary to operate, and disabling all network connections / traffic.
Dexter...
It seems, at times, newer computer users have trouble geting into safe mode using F8. Is there a reason nobody suggests the :run/msconfig/Boot.INI path?
I realise it's more work, but there is no "timing" involved.
I'm not questioning using F8, just curious
Dragstk
Also, MSConfig is not a Windows 2000 program. If the user is running Win2000, they cannot MSConfig, unless they manually install the older Windows 98 version of MSConfig on their Win2000 box.
Finally, MSConfig is similar to Regedit in that, if you don't know much about your computer, you should stay the heck out of it
Ageek: F5 on my Win2000 Pro here at my office does not take me straight in to Safe Mode, it goes to the boot window just like F8 does.
Dexter...
Same thing with my System 1. Haven't tried it with System 2.
One other good reason I forgot to add.
Many viruses (especially trojans) and spyware apps include, as part of their programming, subroutines that watch for certain Windows system processes that can be used to identify and overcome them, such as Regedit, TaskMgr, MSConfig, and sometimes even CMD (DOS.) Just last week I cleaned spyware off of a client's computer that killed Regedit and TaskMgr instantly on their execution. This was a Win2000 system, so MSConfig was not an option here, but I would bet that if it was an XP system, the app would have watched for MSConfig as well.
F8 cannot be defeated by malware. Thus, another good reason to tell an inexperienced user to try F8 first
Dexter...
Bonne chance Carlos!!!
Peace,
requin
This is why I keep coming here, to learn something new , all the time.
Dragstk
Hmmm.... Ok, I just know that with my XP Pro box I can use F5 to get into Safe mode. But, it is a custom configured XP box also. And, it runs in Classic mode for GUI. That set of customizations might have reverted the boot behavior registry links, and it is just possible I tweaked the XP Pro install to do that.
I have seen OEM'd boxes that do not do this, they act as your boxes do (Both to Leonardo and the person quoted by Leonardo) or have F5 almost totally mapped out of boot option set. This has been true for some 98 SE, Me, 2000 Pro, and XP boxes.
I know that on 2000 Pro Full OEM I CAN use F5 also, and in 98, Me, and 98 SE-- to get into Safe mode without networking. The XP is also a System Builder full pack, stock SP1a CD used to install. Most all security updates installed.
The reason for the F8 bypass working, is the reg entries used for GUI are not loaded yet when this bypass is used. It stops the GUI reg entries from loading, and most spyware and adware and trojans designed to attack the GUI or through the GUI are not yet loaded when you use this key. Safe mode leaves a subset of services not loaded, depending on whether or not you choose Safe Mode with networking or not, you can tell Windows not to even load networking services. This leaves the box isolated from network for troubleshooting which can sometimes also be nice and leaves more hardware resources open for things like CD runs of AV or SpyBotS&D or HijackThis or floppy runs of more basic things. The registry entries will still be there to be pulled, they simply have no service support for network vectors inward to restore themselves where trojans are involved.
John D.