How To Restart PC in Safe Mode and do some stuff
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I had some task these days to automate removing antivirus from PC-s in our company... on some PC-s there was a password mismatch issue so we had to restart PC in safe mode to remove the config files and then we were able to remove the antivirus itself... so i wrote some scripts to automate it... The logic was this:
1) run the file which will set the password and enable built in administrator account. Copy two batch files (file1, file2) on C disk for Further work, run file 1 As administrator...
2)file 1 contains instructions and reg keys to restart computer in safe mode, autologin, run the file2 instead of explorer.exe... then deletes itself...
3)file2 contains instructions to restart computer in normal mode, delete config file of antivirus, sets default values for normal startup of explorer... then deletes itself...
actually it did work: after this script is launched - computer restarts in safe mode, administrator account automatically logs on, deletes config file, restarts in normal mode and everything seems nice and clean... but in some cases i was not able to restart in safe mode... and in other case computer restarted ins safe mode administrator account automatically got log on and then nothing happened...
so what i did wrong?
here are the files with code:
Main file which was launched by administrative privileges:
@echo off
net user Administrator Pass12345
net user Administrator /active:yes
xcopy "Bat_Ffile1.bat" "C:" /Y
xcopy "Bat_Ffile2.bat" "C:" /Y
"Bat_FRunas.vbs"
Runas file:
Option explicit
dim oShell
set oShell=Wscript.CreateObject("WScript.Shell")
oShell.Run "runas /profile /user:Administrator ""C:file1.bat"""
WScript.Sleep 100
oShell.Sendkeys "Pass12345~"
Wscript.Quit
file1 :
@echo off
bcdedit /set {default} safeboot minimal
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultUserName /t REG_SZ /d Administrator /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultPassword /t REG_SZ /d Pass12345 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoLogonCount /t REG_DWORD /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "C:file2.bat" /f
shutdown -r -t 10 -c "Computer Will Now Restart In SAFE MODE..."
del "%~f0"
file2 :
@echo off
bcdedit /deletevalue {default} safeboot
del "C:\ProgramdataSomeAntivirusSomeconfigfile.cfg"
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "explorer.exe" /f
shutdown -r -t 10 -c "Computer Will Now Restart In NORMAL MODE..."
del "%~f0"
so what do i do wrong? or what would you suggest / reccomend?? what can i do for troubleshooting???
bash batch vbscript regedit autologon
add a comment |
I had some task these days to automate removing antivirus from PC-s in our company... on some PC-s there was a password mismatch issue so we had to restart PC in safe mode to remove the config files and then we were able to remove the antivirus itself... so i wrote some scripts to automate it... The logic was this:
1) run the file which will set the password and enable built in administrator account. Copy two batch files (file1, file2) on C disk for Further work, run file 1 As administrator...
2)file 1 contains instructions and reg keys to restart computer in safe mode, autologin, run the file2 instead of explorer.exe... then deletes itself...
3)file2 contains instructions to restart computer in normal mode, delete config file of antivirus, sets default values for normal startup of explorer... then deletes itself...
actually it did work: after this script is launched - computer restarts in safe mode, administrator account automatically logs on, deletes config file, restarts in normal mode and everything seems nice and clean... but in some cases i was not able to restart in safe mode... and in other case computer restarted ins safe mode administrator account automatically got log on and then nothing happened...
so what i did wrong?
here are the files with code:
Main file which was launched by administrative privileges:
@echo off
net user Administrator Pass12345
net user Administrator /active:yes
xcopy "Bat_Ffile1.bat" "C:" /Y
xcopy "Bat_Ffile2.bat" "C:" /Y
"Bat_FRunas.vbs"
Runas file:
Option explicit
dim oShell
set oShell=Wscript.CreateObject("WScript.Shell")
oShell.Run "runas /profile /user:Administrator ""C:file1.bat"""
WScript.Sleep 100
oShell.Sendkeys "Pass12345~"
Wscript.Quit
file1 :
@echo off
bcdedit /set {default} safeboot minimal
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultUserName /t REG_SZ /d Administrator /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultPassword /t REG_SZ /d Pass12345 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoLogonCount /t REG_DWORD /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "C:file2.bat" /f
shutdown -r -t 10 -c "Computer Will Now Restart In SAFE MODE..."
del "%~f0"
file2 :
@echo off
bcdedit /deletevalue {default} safeboot
del "C:\ProgramdataSomeAntivirusSomeconfigfile.cfg"
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "explorer.exe" /f
shutdown -r -t 10 -c "Computer Will Now Restart In NORMAL MODE..."
del "%~f0"
so what do i do wrong? or what would you suggest / reccomend?? what can i do for troubleshooting???
bash batch vbscript regedit autologon
I see a few issues - runas.vbs is executing "runas" without an extension, so could cause a loop. xcopy is copying to "c:" with a"
which escapes the quote. remove those quotes. the destination, the root of the C: drive, is also usually protected so unless the initial "main" process has rights to write there it'll choke on those lines which will leave you in limbo later. you're not removing the autologin options or disabling the administrator account in file2. using sendkeys is terrifying for security, since it would insert the password into any app that had focus.
– shawn
Feb 15 at 18:48
vbs might not be associated with anything, so using cscript or wscript to call it would be safer. if you're running these across the network, then the initial setup would be safer if called via psexec.
– shawn
Feb 15 at 18:49
@shawn thank you for your reply & advice!!!
– Davida M
Feb 15 at 20:55
@shawn thank you for your reply and advice!!!
– Davida M
Feb 15 at 20:58
add a comment |
I had some task these days to automate removing antivirus from PC-s in our company... on some PC-s there was a password mismatch issue so we had to restart PC in safe mode to remove the config files and then we were able to remove the antivirus itself... so i wrote some scripts to automate it... The logic was this:
1) run the file which will set the password and enable built in administrator account. Copy two batch files (file1, file2) on C disk for Further work, run file 1 As administrator...
2)file 1 contains instructions and reg keys to restart computer in safe mode, autologin, run the file2 instead of explorer.exe... then deletes itself...
3)file2 contains instructions to restart computer in normal mode, delete config file of antivirus, sets default values for normal startup of explorer... then deletes itself...
actually it did work: after this script is launched - computer restarts in safe mode, administrator account automatically logs on, deletes config file, restarts in normal mode and everything seems nice and clean... but in some cases i was not able to restart in safe mode... and in other case computer restarted ins safe mode administrator account automatically got log on and then nothing happened...
so what i did wrong?
here are the files with code:
Main file which was launched by administrative privileges:
@echo off
net user Administrator Pass12345
net user Administrator /active:yes
xcopy "Bat_Ffile1.bat" "C:" /Y
xcopy "Bat_Ffile2.bat" "C:" /Y
"Bat_FRunas.vbs"
Runas file:
Option explicit
dim oShell
set oShell=Wscript.CreateObject("WScript.Shell")
oShell.Run "runas /profile /user:Administrator ""C:file1.bat"""
WScript.Sleep 100
oShell.Sendkeys "Pass12345~"
Wscript.Quit
file1 :
@echo off
bcdedit /set {default} safeboot minimal
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultUserName /t REG_SZ /d Administrator /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultPassword /t REG_SZ /d Pass12345 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoLogonCount /t REG_DWORD /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "C:file2.bat" /f
shutdown -r -t 10 -c "Computer Will Now Restart In SAFE MODE..."
del "%~f0"
file2 :
@echo off
bcdedit /deletevalue {default} safeboot
del "C:\ProgramdataSomeAntivirusSomeconfigfile.cfg"
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "explorer.exe" /f
shutdown -r -t 10 -c "Computer Will Now Restart In NORMAL MODE..."
del "%~f0"
so what do i do wrong? or what would you suggest / reccomend?? what can i do for troubleshooting???
bash batch vbscript regedit autologon
I had some task these days to automate removing antivirus from PC-s in our company... on some PC-s there was a password mismatch issue so we had to restart PC in safe mode to remove the config files and then we were able to remove the antivirus itself... so i wrote some scripts to automate it... The logic was this:
1) run the file which will set the password and enable built in administrator account. Copy two batch files (file1, file2) on C disk for Further work, run file 1 As administrator...
2)file 1 contains instructions and reg keys to restart computer in safe mode, autologin, run the file2 instead of explorer.exe... then deletes itself...
3)file2 contains instructions to restart computer in normal mode, delete config file of antivirus, sets default values for normal startup of explorer... then deletes itself...
actually it did work: after this script is launched - computer restarts in safe mode, administrator account automatically logs on, deletes config file, restarts in normal mode and everything seems nice and clean... but in some cases i was not able to restart in safe mode... and in other case computer restarted ins safe mode administrator account automatically got log on and then nothing happened...
so what i did wrong?
here are the files with code:
Main file which was launched by administrative privileges:
@echo off
net user Administrator Pass12345
net user Administrator /active:yes
xcopy "Bat_Ffile1.bat" "C:" /Y
xcopy "Bat_Ffile2.bat" "C:" /Y
"Bat_FRunas.vbs"
Runas file:
Option explicit
dim oShell
set oShell=Wscript.CreateObject("WScript.Shell")
oShell.Run "runas /profile /user:Administrator ""C:file1.bat"""
WScript.Sleep 100
oShell.Sendkeys "Pass12345~"
Wscript.Quit
file1 :
@echo off
bcdedit /set {default} safeboot minimal
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoAdminLogon /t REG_SZ /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultUserName /t REG_SZ /d Administrator /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v DefaultPassword /t REG_SZ /d Pass12345 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v AutoLogonCount /t REG_DWORD /d 1 /f
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "C:file2.bat" /f
shutdown -r -t 10 -c "Computer Will Now Restart In SAFE MODE..."
del "%~f0"
file2 :
@echo off
bcdedit /deletevalue {default} safeboot
del "C:\ProgramdataSomeAntivirusSomeconfigfile.cfg"
reg add "HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon" /v Shell /t REG_SZ /d "explorer.exe" /f
shutdown -r -t 10 -c "Computer Will Now Restart In NORMAL MODE..."
del "%~f0"
so what do i do wrong? or what would you suggest / reccomend?? what can i do for troubleshooting???
bash batch vbscript regedit autologon
bash batch vbscript regedit autologon
asked Feb 11 at 19:39
Davida MDavida M
11
11
I see a few issues - runas.vbs is executing "runas" without an extension, so could cause a loop. xcopy is copying to "c:" with a"
which escapes the quote. remove those quotes. the destination, the root of the C: drive, is also usually protected so unless the initial "main" process has rights to write there it'll choke on those lines which will leave you in limbo later. you're not removing the autologin options or disabling the administrator account in file2. using sendkeys is terrifying for security, since it would insert the password into any app that had focus.
– shawn
Feb 15 at 18:48
vbs might not be associated with anything, so using cscript or wscript to call it would be safer. if you're running these across the network, then the initial setup would be safer if called via psexec.
– shawn
Feb 15 at 18:49
@shawn thank you for your reply & advice!!!
– Davida M
Feb 15 at 20:55
@shawn thank you for your reply and advice!!!
– Davida M
Feb 15 at 20:58
add a comment |
I see a few issues - runas.vbs is executing "runas" without an extension, so could cause a loop. xcopy is copying to "c:" with a"
which escapes the quote. remove those quotes. the destination, the root of the C: drive, is also usually protected so unless the initial "main" process has rights to write there it'll choke on those lines which will leave you in limbo later. you're not removing the autologin options or disabling the administrator account in file2. using sendkeys is terrifying for security, since it would insert the password into any app that had focus.
– shawn
Feb 15 at 18:48
vbs might not be associated with anything, so using cscript or wscript to call it would be safer. if you're running these across the network, then the initial setup would be safer if called via psexec.
– shawn
Feb 15 at 18:49
@shawn thank you for your reply & advice!!!
– Davida M
Feb 15 at 20:55
@shawn thank you for your reply and advice!!!
– Davida M
Feb 15 at 20:58
I see a few issues - runas.vbs is executing "runas" without an extension, so could cause a loop. xcopy is copying to "c:" with a
"
which escapes the quote. remove those quotes. the destination, the root of the C: drive, is also usually protected so unless the initial "main" process has rights to write there it'll choke on those lines which will leave you in limbo later. you're not removing the autologin options or disabling the administrator account in file2. using sendkeys is terrifying for security, since it would insert the password into any app that had focus.– shawn
Feb 15 at 18:48
I see a few issues - runas.vbs is executing "runas" without an extension, so could cause a loop. xcopy is copying to "c:" with a
"
which escapes the quote. remove those quotes. the destination, the root of the C: drive, is also usually protected so unless the initial "main" process has rights to write there it'll choke on those lines which will leave you in limbo later. you're not removing the autologin options or disabling the administrator account in file2. using sendkeys is terrifying for security, since it would insert the password into any app that had focus.– shawn
Feb 15 at 18:48
vbs might not be associated with anything, so using cscript or wscript to call it would be safer. if you're running these across the network, then the initial setup would be safer if called via psexec.
– shawn
Feb 15 at 18:49
vbs might not be associated with anything, so using cscript or wscript to call it would be safer. if you're running these across the network, then the initial setup would be safer if called via psexec.
– shawn
Feb 15 at 18:49
@shawn thank you for your reply & advice!!!
– Davida M
Feb 15 at 20:55
@shawn thank you for your reply & advice!!!
– Davida M
Feb 15 at 20:55
@shawn thank you for your reply and advice!!!
– Davida M
Feb 15 at 20:58
@shawn thank you for your reply and advice!!!
– Davida M
Feb 15 at 20:58
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1404565%2fhow-to-restart-pc-in-safe-mode-and-do-some-stuff%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1404565%2fhow-to-restart-pc-in-safe-mode-and-do-some-stuff%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I see a few issues - runas.vbs is executing "runas" without an extension, so could cause a loop. xcopy is copying to "c:" with a
"
which escapes the quote. remove those quotes. the destination, the root of the C: drive, is also usually protected so unless the initial "main" process has rights to write there it'll choke on those lines which will leave you in limbo later. you're not removing the autologin options or disabling the administrator account in file2. using sendkeys is terrifying for security, since it would insert the password into any app that had focus.– shawn
Feb 15 at 18:48
vbs might not be associated with anything, so using cscript or wscript to call it would be safer. if you're running these across the network, then the initial setup would be safer if called via psexec.
– shawn
Feb 15 at 18:49
@shawn thank you for your reply & advice!!!
– Davida M
Feb 15 at 20:55
@shawn thank you for your reply and advice!!!
– Davida M
Feb 15 at 20:58