Is there a way to edit boot.ini on XP that won't boot?

Discussion in 'Software' started by KevinR225, Mar 1, 2010.

  1. KevinR225

    KevinR225 Private E-2

    In dealing with the "antivirus soft" trojan, I set the safe boot mode in the boot ini section of msconfig. I tried this because it wouldn't go into safe mode under F8. Anyway, now all it does it boot and shut down loop. Is there any way to edit the boot ini from a command prompt or something? Thanks, Kevin R
     
    KevinR225, Mar 1, 2010
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Take a look at this:

     
    Kestrel13!, Mar 1, 2010
    #2
  3. bullchit

    bullchit Private E-2

    you can fix it from a linux live cd
     
    bullchit, Mar 2, 2010
    #3
  4. KevinR225

    KevinR225 Private E-2

    Thanks for the help.
    Since I had limited access to another computer, I kept playing with it and was able to get in.
    Ran through all the bootable disc I had. I was able, using an Windows 7 disc, get to a command prompt with an editor. I couldn't see the boot.ini, but found an old bootinibak. Did a save as, and yes to replace existing file.
    Wasn't elegant, but it got me in, and I could make changes to the old boot ini once in. It was from an old temp dual boot setup, but did the job.

    Thanks again.
    Now I have more info for the next time, that I hope doesn't come.

    Kevin R
     
    KevinR225, Mar 2, 2010
    #4
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    And are you now free of malware? You can always run our procedures if you wish to check for any remnants. :)
     
    Kestrel13!, Mar 2, 2010
    #5
  6. KevinR225

    KevinR225 Private E-2

    Well I thought I was seeing the light at the end of the tunnel, but after a second run through of SuperAntispyware, Malware bytes quick scan, MGTools and NAV found 0. Then I decided to run Malware fullscan and got the log below. Seems like they don't go away.

    Malwarebytes' Anti-Malware 1.44
    Database version: 3816
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    2010/03/02 11:19:26 PM
    mbam-log-2010-03-02 (23-19-26).txt

    Scan type: Full Scan (C:\|J:\|K:\|)
    Objects scanned: 510277
    Time elapsed: 4 hour(s), 9 minute(s), 46 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\$NtServicePackUninstall$\userinit.exe (Trojan.PWS) -> Quarantined and deleted successfully.
     
    KevinR225, Mar 2, 2010
    #6
  7. plodr

    plodr MajorGeek Super Extraordinaire Moderator Staff Member

    This
    seems to indicate that the one infected file is now gone.
     
    plodr, Mar 3, 2010
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds