The Windows 7 System Recovery Command Prompt is such a powerful tool because you can perform actions on your files and data without having to be in Windows. This means that if you are infected with malware you can use the recovery environment to clean your computer of rootkits or malware without fear of them hindering your efforts as they will not be started. You can easily fix the registry entries
From Recovery Command Prompt you can load your Windows Registry hives and then access them using Regedit. That way if you or a program has changed a setting in your Registry that does not allow you to boot up, you can fix it using the command prompt. An example of this would be when an antivirus program incorrectly fixes the Userinit key and thus you are no longer able to login to Windows. To fix this you would start the Windows Recovery Environment Command Prompt and load the hives, fix the changes, and unload them again.
Boot from win 7 install disk, choose recovery, and command prompt.
Type REG LOAD HKLM\TempSoft D:\Windows\System32\config\software and press Enter to load the Registry hive.
Type regedit.exe and press Enter to start the Windows Registry Editor.
Browse to HKEY_LOCAL_MACHINE\TempSoft\Microsoft\Windows NT\CurrentVersion\Winlogon key within the Registry Editor.
Double-click on the Userinit value and change the data to read D:\Windows\system32\userinit.exe,
Exit the Windows Registry Editor.
Type REG UNLOAD HKLM\TempSoft and press Enter to unload the Registry hive.
Then exit the recovery console and restart. The registry should have been changed.
The same way you can load the SYSTEM hive and change the start and stop behavior of IDE/AHCI/RAID driver which are usually the culprit of 7B BSOD.
Command set supported by windows recovery console:
From Recovery Command Prompt you can load your Windows Registry hives and then access them using Regedit. That way if you or a program has changed a setting in your Registry that does not allow you to boot up, you can fix it using the command prompt. An example of this would be when an antivirus program incorrectly fixes the Userinit key and thus you are no longer able to login to Windows. To fix this you would start the Windows Recovery Environment Command Prompt and load the hives, fix the changes, and unload them again.
Boot from win 7 install disk, choose recovery, and command prompt.
Type REG LOAD HKLM\TempSoft D:\Windows\System32\config\software and press Enter to load the Registry hive.
Type regedit.exe and press Enter to start the Windows Registry Editor.
Browse to HKEY_LOCAL_MACHINE\TempSoft\Microsoft\Windows NT\CurrentVersion\Winlogon key within the Registry Editor.
Double-click on the Userinit value and change the data to read D:\Windows\system32\userinit.exe,
Exit the Windows Registry Editor.
Type REG UNLOAD HKLM\TempSoft and press Enter to unload the Registry hive.
Then exit the recovery console and restart. The registry should have been changed.
The same way you can load the SYSTEM hive and change the start and stop behavior of IDE/AHCI/RAID driver which are usually the culprit of 7B BSOD.
Command set supported by windows recovery console:
Console Command
|
Description
|
attrib | Change permissions on files. |
Bootrec | You can use the Bootrec.exe tool in the Windows Recovery Environment (Windows RE) to troubleshoot and repair the master boot record (MBR), boot sector,and Boot Configuration Data (BCD) store |
bcdedit | Displays and allows you to change how Windows boots up. This command is useful for people who are having trouble with the Windows Boot Manager |
cd | Changes the current directory |
chkdsk | Checks a hard disk for errors and attempts to repair them. |
copy | Copy a file from one location to another. |
del | Deletes a file |
dir | Lists the files and folders in the current directory |
diskpart | Load the Windows disk management program. From this program you can create, delete, shrink, and expand your existing partitions as well as get information about partitions and hard drives |
icacls | Change file and folder permissions and display or modify access control lists (ACLs) |
mkdir | Creates a new folder |
more | Displays the content of a file one page at a time |
move | Moves a file or a folder |
reg | Perform Windows Registry operations. |
ren | Rename a file or folder |
rd | Remove an empty folder |
type | Display the contents of a file |
xcopy | Copy a folder or files to another location |
Windows Program Name
|
Description/Notes
|
Notepad.exe | Opens up the Windows Notepad so you can view and edit text files. You can also use the file browser when click the File -> Open menus to copy, move, rename, and delete files. |
Regedit.exe | The Windows Registry Editor. |
rstrui.exe | The System Restore console where you can restore your computer back to earlier restore points. |
No comments:
Post a Comment