Safe mode (and variations) and Last known good config not working
in [Help and Support]
|
Prev: System Restore
Next: Using onboard sound card
From: Jose on 5 Apr 2010 06:18 On Apr 5, 4:55 am, Jock McSquiggle <JockMcSquig...(a)discussions.microsoft.com> wrote: > Again, thanks for posting back and here is an update to my original post. I > > managed to get round the 'Safe Mode looping' scenario, by using the Recovery > > Console from the disc I mentioned and followed the instructions at the > > following link.http://www.geekstogo.com/forum/Cannot-complete-WindowsXP- > > repair-install-Safe-Mode-t92558.html > > This at last allowed me to boot into Safe Mode and I managed to complete my > > repair install. (this still hung at the Windows XP splash screen but from > > what I have read on other forums this may be a video driver problem but I > > still have to check this out). > > I then ran MBAM which reported a whole host of threats, 24 in total, which I > > quarantined and deleted. Or so I thought. On re-running MBAM it still > > reported on 4 registry keys and although choosing to quarantine and delete > > them, on rebooting to remove them, and re-scanning, they are still there!! > > I have not tried to remove these via regedit, but do you think that would > > work? With regards to creating a Recovery Console disc, if I can use the one > > from my original shipped disc, is that not the same program? Also as part of > > the Dell diagnostics, I used their troubleshooting menus to check out memory > > and the hard drives, and all passed okay. Does CHKDSK do something different > > from Dells diagnostics? I appreciate you taking the time to post back. > -- > O++++++++++++&++++++++++++O > > > > "Jock McSquiggle" wrote: > > Dell C521 running XP Pro (SP3) got hit by fake anti-vir malware (XP defender > > 2010 I believe). Followed all advice from forums but could not rid the PC > > of this and attempted a repair install. Now I cannot get into any of the Safe > > Mode options and Last Known Good Config just sends me round in a loop i..e. I > > get back to the selection screen again. I am now concerned this may be h/w > > related but I would welcome any suggestions. Thanks in advance. > > -- > > O++++++++++++&++++++++++++O That's good. If we had used the RC CD (you might have made one) and run chkdsk /r and still not booting, I would have then suggested using RC to just delete the likely afflicted boot.ini file (XP does not need one to start), then boot, then repair/recreate the boot.ini. If some malware detects you are tying to remove it by adjusting your boot.ini, it will fix your system so it will never boot again in any mode. Sound familiar? That is why I asked about did you use msconfig in your troubleshooting. The solution: boot RC, chkdsk /r, delete/rename the suspicious boot.ini, reboot without one, continue... That is what your article does essentially - create a new boot.ini (still need RC to do it though). I am quite hung up on fixing these silly problems starting with RC, aren't I. MBAM is good, but no scanning software knows everything so I would do this too: Perform some scans for malicious software, then fix any remaining issues: Download, install, update and do a full scan with these free malware detection programs: Malwarebytes (MBAM): http://malwarebytes.org/ SUPERAntiSpyware: (SAS): http://www.superantispyware.com/ They can be uninstalled later if desired. MBAM and SAS should run clean eventually. Do not run MBAM in Safe Mode if it is ever suggested - and it will be (read their documentation). If you still have some leftovers it would be prudent to get a second opinion before just editing the registry to delete them - sometimes you have to and sometimes the messages from MBAM are a little misleading - it says registry something or another, but that may not the best way to fix it when you know how to interpret what the report really is trying to tell you. You have to interpret the messages and report sometimes. If you have leftovers, post up your MBAM report of just the items of interest and we can help you decide what to do. I still don't know what CDs you have. Manufacturer CDs fairly good coasters. I would rather make my own emergency CDs so I know what I have with certainty. When you get done, install RC as a boot option on your system and you will not have so much trouble if you get in a jam again some other day. I thought of some other things malware will do to convince you to do a Repair Install or total reinstall - it will fix System Restore so it doesn't work and it knows you are likely to use Google or Bing to research your problem so it will fix your browser so it either doesn't work at all or fix it so if you try to go to google.com, you will end up where it wants you to go instead. That way, you cant research it figure out how to remove it and "think" or be told you must reinstall. It is all just a trick. I have never done a Repair Install (except to practice) or a total Reinstall for anything - ever. The malware will not win over here. |