I thought it would be a good idea to add this little fix for bcdedit, since ransomware makes a mess out of your registry, too.
bcdedit.exe is often used to disable repair by the Windows Recovery Console on boot/restart after infection. Used by numerous ransomware families and APT malware such as Olympic Destroyer etc ...
I thought it would be a good idea to add this little fix for bcdedit, since ransomware makes a mess out of your registry, too.
bcdedit.exe is often used to disable repair by the Windows Recovery Console on boot/restart after infection. Used by numerous ransomware families and APT malware such as Olympic Destroyer etc ...
Evil commands: bcdedit.exe /set {default} bootstatuspolicy ignoreallfailures bcdedit.exe /set {default} recoveryenabled no
What has been added:
Great work btw ;)