The Grey Chronicles

2010.February.2

How Safe is Microsoft’s Safe Mode?



My son fiddled with my Mobile AMD Athlon™ Compaq Presario 2100 Notebook the other night. He installed a software game called Arcade Labs’ Bricks of Egypt and today I cannot access a Normal Boot. An interesting yet mind-boggling incident for me because for the past months since June 2009, after reinstalling Windows XP Home then installing the HP Wireless LAN, I could NOT even access the default Administrator account in SAFE MODE. Pressing the usual F8 key did not present the choices of Safe Mode Boot: Safe Mode with Networking, Safe Mode with Command Prompt, Last Known Good Configuration. All I saw was a black screen. No error shown.

For the whole month of June, I researched available Knowledge Base Internet resources beginning with the Support website of Microsoft. I even contacted an on-line MS Support staff member who advised, as usual, to try to reinstall Microsoft XP Home from a clean slate, i.e. re-format the hard drive, re-install Windows XP, etc. I pointed out that I had successfully installed Windows XP Service Pack 2 using the free CD from Microsoft Philippines without a hitch (remember the clamor for much easier installation of SP2? Also refer to the BugBlog listing of Windows XP SP2 bugs) and already applied the respective Service Packs for both Windows XP and Office 2003; thus a re-format would be a stretch, aside from reinstalling all other application software!

Anybody who has been in this situation knows pretty well that doing all the above is not as easy as it seems, especially if you have only one personal computer. I have tried slip-streaming before, various HDD backup software, or something that worked in Vista using MSCONFIG, and even started with a low-level format, but nothing worked. The Compaq website could not help me either. The latest update for my Notebook model offered by Compaq was dated October 2008!

After a week of researching, it really was exasperating that even though the same problem, No Safe Mode for Windows XP, had been presented by users in different Internet fora since 2004, e.g., SoftwareTipsandTricks, all Microsoft could come up with boils down to a re-install of its operating system! As early as 2006, some users pointed the culprit to the security holes in Microsoft XP that were vulnerable to malware. Unfortunately, as Microsoft MVPs would claim, removing malware from the Microsoft operating system would be most effective if the scans were performed in SAFE MODE. Moreover, systemic changes in the registry need to be done in SAFE MODE if there exists NO other administrator except the default Administrator account.

During my research regarding this SAFE MODE problem, I found an interesting Microsoft Certified Professional [MCP] Magazine Online article written in March 2006 by Chris Wolf, a Microsoft MVP for Windows, entitled: So Long, Safe Mode Boot! Replying to a reader’s query, Wolf specified a 9-step procedure to disable SAFE MODE by editing C:\ntldr using a binary/hex file editor, such as 010 Editor. The default attributes of an installed NT Loader file, C:\ntldr, are usually RHSA, i.e., Read Only, Hidden, System, Archive. Microsoft is protecting you from yourself by hiding it from you and locking it away from you! Yet, any tech-savvy user will find ways to circumvent these. Thus, although Wolf’s effort to offer this procedure to the public is commendable, the repercussion of such knowledge would be: malware creators could then easily disable the SAFE MODE? Just wondering!

Two weeks later, with Windows XP STILL loading through Normal Boot, I gave up my search to fix my Notebook’s Safe Mode Boot, thus I could not ascertain whether some malware was lurking in the operating system. Anti-malware scans in Normal Mode on a user account with limited privileges do not cut it! I used my Compaq Notebook from the second half of June 2009 until yesterday, even though I was denied Microsoft XP’s Safe Mode. Similar NO Safe Mode incidents were also reported using Windows 95 or Windows 98, and even Vista!

Yesterday, with Windows XP ONLY booting in Safe Mode—thanks to my inquisitive and hyper-computer-active son—it gave me the opportunity to scan the system for malware. Using all the updated anti-malware I could download: Windows Defender, SpywareBlaster, Spybot – Search & Destroy, Avira AntiVir, AVG Root Kit, Ad-Aware, Malwarebytes’ Anti-Malware, ClamWin Portable, Norton 360, plus a host of other utilities such as HiJackThis, AutoRuns, ProcessExplorer, ATWIL Virus/Worm Cleaner, Symantec Removal Tools, AVG Virus Removers, I ran various malware scans in Safe Mode, i.e., for the first time in six months after the reinstall!

Did another reboot after the scans, yet Windows XP still boots in SAFE MODE! Having had enough troubleshooting time for the day, I tried playing my son’s game, Bricks of Egypt, and as he claimed, true enough, it was addicting! I finished one pack: Fire on the Rocks and continued on with an advanced pack: Revenge of Tutankhamen.


Notes:

Disclaimer: The posts herein do not necessarily represent any organization’s positions, strategies or opinions. Read the full version of self-imposed rules for this blog: A New Year; New Rules. Unless otherwise expressly stated, the posts are licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.