How can I remove a forkbomb from the Startup folder?


Solution 1

How to remove a forkbomb from the Startup folder?

Start your PC in "Safe Mode" (Startup programs do not run in safe mode, and only the basic drivers needed to start Windows are installed).

Then you can delete the offending batch file.


How To Start Windows Vista in Safe Mode

  1. To begin entering Windows Vista Safe Mode, turn on or restart your PC.

  2. You will see the Splash Screen

  3. Before the Windows Vista splash screen appears, press F8 to enter "Advanced Boot Options"

  4. Select "Safe Mode" and press Enter


Source How To Start Windows Vista in Safe Mode

Solution 2

You can skip loading the contents of the Startup folder by holding down Shift as the computer starts and logs in. (Note that this doesn't work for startup applications loaded from the Registry or other locations, only the actual Startup folder.)

Solution 3

Try booting your laptop in Safe Mode by pressing F8 during the bootup sequence. From there, just locate the file in your Startup folder and delete it.

If you're worried about accidentally opening it, or something similar, you can boot up in Safe Mode with Command Prompt (Provided you can use Command Prompt), and delete it that way, instead.

Even safer than that would be to take the hard drive out and connect it to a machine that cannot open a batch file, thus unable to reactivate the sequence, and remove it that way.

If that's unavailable, you could always try and re-image the drive.

Solution 4

Your best bet is to boot into Safe Mode or to a recovery disk or a linux live CD and remove it.

To boot to Safe Mode go ahead and I believe hit F8. Here's instructions, but the big thing is to strike F8 mid-boot.

The command to delete a file in Windows is del and in Linux is rm. Note in Linux you may be better off doing it through their file manager since if you don't know Linux you'll have to mount the disk and all that. The recovery console command prompt is what you'll want in the Windows disk.
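
The command-prompt cleanup that Solutions 3 and 4 describe, written out as an added example that is not part of the original answers. It assumes the Vista-and-later Startup folder locations (per-user under %APPDATA%, all-users under %ProgramData%); the script name startup-clean.cmd and the quarantine folder are hypothetical.

```batch
@echo off
rem Added example (not from the original answers). Run it from
rem "Safe Mode with Command Prompt" while logged on as the affected user.
rem   startup-clean.cmd            lists both Startup folders
rem   startup-clean.cmd NAME.bat   shows NAME.bat, then quarantines it
rem The script name and the quarantine folder are arbitrary choices.
setlocal
set "QUAR=%USERPROFILE%\startup-quarantine"
set "SUB=Microsoft\Windows\Start Menu\Programs\Startup"

call :scan "%APPDATA%\%SUB%" "%~1"
call :scan "%ProgramData%\%SUB%" "%~1"
endlocal
exit /b 0

:scan
echo ==== %~1
if "%~2"=="" (
  rem /a also lists hidden and system files.
  dir /a /b "%~1"
  exit /b 0
)
if not exist "%~1\%~2" exit /b 0
rem "type" prints the script text; it does not execute it.
type "%~1\%~2"
echo.
if not exist "%QUAR%" mkdir "%QUAR%"
rem Clear hidden/system/read-only attributes so the move cannot miss the file.
attrib -h -s -r "%~1\%~2"
rem The added .txt extension keeps a later double-click from running it.
move /y "%~1\%~2" "%QUAR%\%~2.txt"
exit /b 0
```

Moving the file instead of deleting it keeps a copy for inspection; delete the quarantine folder once the machine boots normally.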

Solution 5

In addition to the other answers: if by some chance, your problem lies in the registry (for instance, as in @isanae's comment on the accepted answer), you can edit the registry offline either by booting to another install of your version of Windows, or by using a setup/WinPE environment CD.

In short, open up the registry editor in your alternate OS (from WinPE or a setup disc, you can press Ctrl+F10 to open up a command prompt, then enter "regedit"). From there, you can create a new node in the registry tree, then use File -> Load Hive to choose the corresponding files for offline registry editing as follows:

[HKEY_LOCAL_MACHINE\SYSTEM] (%windir%/system32/config/SYSTEM)

[HKEY_LOCAL_MACHINE\SOFTWARE] (%windir%/system32/config/SOFTWARE)

[HKEY_USERS\.Default] (%windir%/system32/config/DEFAULT)

[HKEY_CURRENT_USER] (%userprofile%/ntuser.dat)

From here, you can make whatever edits you need (SOFTWARE\Microsoft\Windows\CurrentVersion\Run, for example, holds your startup programs), and then save/close the hive you opened back to the same file.
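
Solution 5's offline inspection as commands, covering the RunOnce and WOW6432Node locations and the unload step raised in the comments on this page. This is an added example, not part of the original answer; the drive letter D:, the profile path D:\Users\Example and the temporary key names OFF_SW and OFF_USER are assumptions.

```batch
@echo off
rem Added example (not from the original answer). Run from a WinPE or
rem setup-disc command prompt. ASSUMPTIONS: the offline Windows volume is D:
rem and the affected profile is D:\Users\Example; both are placeholders.
setlocal
set "OFFWIN=D:\Windows"
set "OFFPROFILE=D:\Users\Example"
set "RUNPATH=Microsoft\Windows\CurrentVersion"

rem Mount the offline hives under temporary key names (the names are arbitrary).
reg load HKLM\OFF_SW "%OFFWIN%\System32\config\SOFTWARE" || exit /b 1
reg load HKLM\OFF_USER "%OFFPROFILE%\ntuser.dat" || goto unload_sw

rem Read-only pass over the autostart keys mentioned on this page.
for %%K in (
  "HKLM\OFF_SW\%RUNPATH%\Run"
  "HKLM\OFF_SW\%RUNPATH%\RunOnce"
  "HKLM\OFF_SW\WOW6432Node\%RUNPATH%\Run"
  "HKLM\OFF_USER\Software\%RUNPATH%\Run"
  "HKLM\OFF_USER\Software\%RUNPATH%\RunOnce"
) do (
  echo ==== %%~K
  reg query %%K 2>nul || echo     key not present
)

rem To delete one value, name it explicitly (ExampleValue is a placeholder):
rem reg delete "HKLM\OFF_USER\Software\%RUNPATH%\Run" /v ExampleValue /f

rem Unload before rebooting so the hive files are released and written back.
reg unload HKLM\OFF_USER
:unload_sw
reg unload HKLM\OFF_SW
endlocal
```

The query pass changes nothing; only the commented-out reg delete line modifies the offline hive, and it acts on a single named value.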


Author: Ethan Bierlein

Updated on September 18, 2022

Comments

  • Ethan Bierlein
    Ethan Bierlein over 1 year

    I have an older laptop running Windows Vista, from about 2005 and I was fooling around with it a little bit. In a moment of sheer stupidity, I created a Batch file and put the following code in it:

    %0|%0
    

    I ran this and I had to restart my laptop. However, I decided to continue upon this destructive path and put the Batch file in the Windows Startup folder. Now I can't login without it destroying my laptop.

    How can I remove this forkbomb from the Startup folder?

    • Keavon
      Keavon over 8 years
      Also, this is a brilliantly simple way to destroy someone's computer. I'll try to remember this one just in case I ever meet someone that I really, really hate and I get 30 seconds with their computer. You could even use live boot media to access the filesystem and create the file without needing a password.
    • rpax
      rpax over 8 years
      @Keavon I'll take your advice :) post added to favorites
    • Mark K Cowan
      Mark K Cowan over 8 years
      This is beautiful
    • nixda
      nixda over 8 years
    • jpmc26
      jpmc26 over 8 years
      @Keavon Better yet, turn it into ransom-ware. ;)
    • Ehsan Sajjad
      Ehsan Sajjad over 8 years
      What does this line of code actually mean?
    • GalacticCowboy
      GalacticCowboy over 8 years
      @EhsanSajjad - every time it executes, it spawns two new instances of itself. (which each spawn new instances, etc.) Eventually it consumes all available resources, and the computer becomes unusable. In a batch script, %0 stands for the executing batch script.
    • Mark K Cowan
      Mark K Cowan over 8 years
      Given the amusing nature of the question, I'm surprised nobody suggested format C: or `del /S C:` as ways to remove the forkbomb from the Startup folder (note to beginners: do not try those commands, they'll remove everything else as well)
  • user541686
    user541686 over 8 years
    If you can re-image the drive by booting into another tool somehow then you can just delete the file from there.
  • Mutantoe
    Mutantoe over 8 years
    Just out of curiosity, how did you get those screenshots?
  • DavidPostill
    DavidPostill over 8 years
    @Mutantoe Google image search ;)
  • WernerCD
    WernerCD over 8 years
    "Image search" didn't show me these pictures at all
  • user541686
    user541686 over 8 years
    Have you actually tried this or did you just read it somewhere? I just tried it on Windows 8.1 and it didn't seem to work.
  • DavidPostill
    DavidPostill over 8 years
    @WernerCD google "windows vista safe mode" images and "windows vista splash screen" images ;)
  • Michael Bailey
    Michael Bailey over 8 years
    If you boot to a live CD it's much safer than taking the hard drive out and re/unmounting it. Not like Live CDs can.
  • Michael Bailey
    Michael Bailey over 8 years
    Kinda confused how this is a different answer other than that point though to be honest.
  • Burhan Ali
    Burhan Ali over 8 years
    They would have been created using a virtual machine.
  • Quill
    Quill over 8 years
    I have the same opinion on the duplicate answer you posted after mine, @MichaelBailey
  • Michael Bailey
    Michael Bailey over 8 years
    What? This doesn't list Live CD as an option. A noobie taking a hard drive out and setting it up for another machine should probably come after a live CD. Also I thought I was first answer but hey that can be a network bug for all I know so that's whatever
  • isanae
    isanae over 8 years
    Note that Windows will start stuff in the RunOnce registry keys even in safe mode if they are prefixed with *. If you felt adventurous enough to put a fork bomb in your startup folder, make sure you don't do the same in the registry.
  • nhinkle
    nhinkle over 8 years
    I've done this before on Windows 7 and it works fine. You have to press and hold Shift the whole time after you press Enter on your password until the desktop appears, maybe a bit longer to be safe.
  • DavidPostill
    DavidPostill over 8 years
    For what it's worth you posted 69 seconds before @MichaelBailey and I posted 84 seconds after Michael. We were probably all editing our answers at the same time. After submitting it's down to network timing. I'm working off a slow mobile tethered connection :/
  • DavidPostill
    DavidPostill over 8 years
    @isanae Thanks, I didn't know that.
  • Soren Bjornstad
    Soren Bjornstad over 8 years
    I have gotten it to work before, but I can't say for sure which versions of Windows.
  • user541686
    user541686 over 8 years
    Are you sure it skipped the contents of the startup folder? I feel like when I tried it, it skipped the registry but not the startup folder. @nhinkle
  • DavidPostill
    DavidPostill over 8 years
    @EhsanSajjad What line where are you asking about?
  • Ehsan Sajjad
    Ehsan Sajjad over 8 years
    the line in the question, which OP put in the batch file
  • DavidPostill
    DavidPostill over 8 years
    @EhsanSajjad %0 is the name of the batch file. | is the pipe symbol. So a batch file containing %0|%0 says run me again and pass my output into a new copy of me recursively.
  • Ehsan Sajjad
    Ehsan Sajjad over 8 years
    And it is called forkbomb?
  • Cole Tobin
    Cole Tobin over 8 years
    @EhsanSajjad yes. Essentially, if you save your forkbomb as, say, fork.bat, running it will run fork.bat|fork.bat. That means for every time fork.bat is run, two more copies will be started.
  • Ben Voigt
    Ben Voigt over 8 years
    Note that if you use this method to fix user-local registry settings from a second user account on the same Windows install, it's absolutely essential to unload the hive before attempting login. If you leave the hive mounted, it can't be loaded to the correct location under HKEY_USERS and Windows will permanently change the profile to point to a newly made mostly empty hive. (mostly empty = same state as a user logging in for the first time ever). Just retracing your steps won't fix it.
  • Cyphase
    Cyphase over 8 years
    Even suggesting re-imaging the drive seems excessive.
  • Shamtam
    Shamtam over 8 years
    @BenVoigt Interesting issue that I wouldn't have thought of. If Windows does permanently change the profile, do you happen to know where the new hive (assuming it doesn't overwrite the already-mounted old hive) is created/stored?
  • Ben Voigt
    Ben Voigt over 8 years
    If I remember right (but it has been a few years) the new registry hive file goes in the same directory but with a numeric file extension.
  • Quill
    Quill over 8 years
    It's more of a last resort kind of thing
  • Mark K Cowan
    Mark K Cowan over 8 years
    You may also need to look in WOW6432Node, I'd assume that the startup-run stuff in there will also be honoured
  • badboy24
    badboy24 over 8 years
    @Mehrdad It was definitely the folder in either 98 or XP (last time I had to use it), no idea if it's changed since then