XP will boot only into safe mode, plea for help

[Albert Mata]

Help (I need somebody..)

So one day my XP freezes while starting, I thought, "no
problem, will boot into safe mode ". The nightmare has
just begun.

- Safe mode always starts (even with network)
- Chkdsk returns OK
- System restore no matter which control point I choose
fails.
- SFC won't run in Safe Mode (RPC error)
- Recovery console hangs
- Normal boot freezes (even with a tweaked msconfig to
load only most basic drivers)
- Windows XP CD freezes too after loading some drivers
(blank screen, cursor on the right top corner)
- Enabled "Boot logging", still no

I'm really clueless about what can be causing so much
trouble, I don't know even if it is software or hardware
problem, but in the Windows XP splash screen the blue line
stops moving, the PC goes silent and my hopes of a normal
booting dies.

Right now no matter how many things I try I can only boot
into safe mode, no "Last Known Good Configuration" ,
no "Recovery Console", no "Boot from CD and recover".

This is a Windows XP SP1 + several patches running fine
since 2003......

Any idea out there?

Thanks.

 

[wayne]

do a repair reinstall


Wayne

 

[Guest]

Hi.

do a repair reinstall

No way, if I boot from CD it freezes after loading
drivers (I can't arrive to the first screen)
If I run Windows XP Setup from Windows XP(safe booted)
when it restarts the box, the "Install Windows XP" boot
option leads me to a blank screen with cursor blinking in
the top right corner.

As I said in my original message no matter how many
services I stop or drivers unload I can *only* boot into
Safe Mode (no CD, no recovery console, no normal boot no
matter how much I tweak with msconfig)

Somewhere there *MUST* be a driver, an option or a
program that is preventing me from *ANY* boot but "Safe
Boot".

Ideas?. As I can't even boot from CD I tend to favour
something hardware-related but then why can I safe-boot?.

Thanks

 

[WinGuy]

Help (I need somebody..)

So one day my XP freezes while starting, I thought, "no
problem, will boot into safe mode ". The nightmare has
just begun.

- Safe mode always starts (even with network)
- Chkdsk returns OK

From a CD boot, select to enter the Recovery Console and use the commands:
chkdsk c: /R
Type exit and press enter key when it's done -- it will take quite a while
to run chkdsk this way, as it performs additional tests and also checks the
entire drive for bad sectors.

- System restore no matter which control point I choose
fails.
- SFC won't run in Safe Mode (RPC error)
- Recovery console hangs
- Normal boot freezes (even with a tweaked msconfig to
load only most basic drivers)

Here, you can try (from MSCONFIG) selecting Diagnostic mode. This loads the
bare minimum necessities for windows to run on the next boot, even less
things run than when you select Selective startup. You can also let it boot
normally, not just to safe mode, when in diag mode (although, of course, a
great deal of things won't run because they haven't been started properly).

I might be wrong on this, but I don't think sfc is supposed to require RPC
related services. Perhaps you have an infection. But after you boot normally
but still in diag mode, right-click My Computer, then Manage, expand
Services and Applications, and then expand Services -- right click Remote
Procedure Call (RPC) and Remote Procedure Call (RPC) Locator and try to
manually start those services. If one reports that it can not start, notice
why (or manually check the dependencies for the service, right click the
service and select properties and then the dependecies tab) and then go try
to start any other service that is depended on before that service will be
allowed to start. Be sure you have no physical cable connection that might
allow internet access, until you get all things fixed. Then try this:
Start | Run | cmd | OK
sfc /purgecache
sfc /scannow
[Note: The Windows CD might be required -- CD device should work ok in XP
even in diag mode from either safe or normal boot. Also, sfc will run a long
time, possibly up to a half hour or so.]
sfc /purgecache
exit

If sfc still will not run then I'd recommend removing the HDD from the
computer, setting its jumpers temporarily to make it be a slave drive (or
run it as a master drive on the secondary IDE channel), and check it for
virus on another computer that has up to date antivirus (maybe a repair shop
if you don't have access to another computer or to a friends). You might
need to do the sfc thing again once you put it back in your computer as a
master drive C.

Only if that still doesn't at least make things a little better, if not
entirely fixed, then the easiest path might be to boot from the Windows CD
(only from the exact one that was used to install Windows from, or you might
get permanently locked out) and do a Repair installation (not a brand new
install, so be very carefull how you answer questions and if you are unsure
then abort and let a repair shop do it for you so you don't loose your HDD
content usability).

- Windows XP CD freezes too after loading some drivers
(blank screen, cursor on the right top corner)
- Enabled "Boot logging", still no

What are the last 3 lines in your c:\bootlog.txt file after it has hung?

I'm really clueless about what can be causing so much
trouble, I don't know even if it is software or hardware
problem, but in the Windows XP splash screen the blue line
stops moving, the PC goes silent and my hopes of a normal
booting dies.

Right now no matter how many things I try I can only boot
into safe mode, no "Last Known Good Configuration" ,
no "Recovery Console", no "Boot from CD and recover".

This is a Windows XP SP1 + several patches running fine
since 2003......

Any idea out there?

Thanks.

Uh, yes ... does "several patches" mean ALL security (critical) patches have
been applied that Microsoft offers? With today's infections, it's imperative
and not an option that you keep right up to date on all patches, at least
the critical ones, and the same goes with keeping antivirus updated and
using a firewall (turn on your built-in XP firewall if it's not on, after
you can boot normally enough to do so and certainly before you even think
about connecting to the internet).

 

[Guest]

I AM HAVING THE SAME PROBLEM. I CAN GET INTO SAFE MODE BUT THAT'S ALL I CAN DO. IF I BOOT INTO PROMPT AND TRY THE UNINSTALL I GET THE MESSAGE REGISTRATION INFORMATION IS MISSING. ANY HELP OR SUGGESTIONS. XP IS NOT GOING TO WORK ON THIS MACHINE AND I NEED TO UNINSTALL IT. HOW??????

 

[Albert Mata]

From a CD boot, select to enter the Recovery Console and use the commands:
chkdsk c: /R

No CD boot and no Recovery console, only blank screen and
blinking cursor. Anyway I downloaded an utility from the
driver manufacturer (self-booting diskette) and the disk
appears fine.
I also ran Windiag from Microsoft to test the memory,
it's fine.

Here, you can try (from MSCONFIG) selecting Diagnostic mode. This loads the
bare minimum necessities for windows to run on the next boot, even less
things run than when you select Selective startup. You can also let it boot
normally, not just to safe mode, when in diag mode (although, of course, a
great deal of things won't run because they haven't been

started properly).

Well, that's what I supposed. Let select the bare minimum
as you say and if it can boot into Safe Mode it will boot
into 'normal' mode as well.
Guess what?. The $=""?! won't boot into normal mode ,
even when I select "Diagnostic mode" or "Uncheck all" or
any combination of services/drivers. Man, it seems
*determined* not to boot.

Safe Boot must be doing something *else* to allow it to
boot, extra-hardware checks?. ACPI tricks?.

I might be wrong on this, but I don't think sfc is supposed to require RPC
related services. Perhaps you have an infection. But

after you boot normally
[..]

Really great explanation of services but again the $%)
·$· is laughing at me, the RPC service is started, the
Locator RPC Services won't start because "it can't run in
Safe Mode". So it's a kind of Catch-22.
As whether sfc requires RCP I never ran it before but it
seems so. And again I can't start all the RPC services
under Safe Mode so I can't run SFC. Don't you love these
clever tricks? :-(

If sfc still will not run then I'd recommend removing the HDD from the
computer, setting its jumpers temporarily to make it be a slave drive (or
run it as a master drive on the secondary IDE channel), and check it for
virus on another computer that has up to date antivirus (maybe a repair shop
if you don't have access to another computer or to a friends). You might
need to do the sfc thing again once you put it back in your computer as a
master drive C.

That's one thing I probably will have to do, take the HDD
to another computer and chkdsk / sfc / viruscan it to
death. It will be a pain (specially if everything turns
out to be OK but still won't boot when returned) but it's
becoming the last option.

What are the last 3 lines in your c:\bootlog.txt file

after it has hung?

No bootlog.txt, I have a c:\windows\ntbtlog.txt that's
filling up pretty quick.

Last lines of this file follows (in Spanish) keep in mind
that this is an attempt of booting with almost every
service disabled and I'm not sure if the failed "normal
boots" really logs into this file.


"Controlador" means "Driver" and "cargado" means "loaded"
"No se ha cargado el controlador" means "Driver could not
be loaded"


No se ha cargado el controlador Controladores de audio
heredados
No se ha cargado el controlador Dispositivos para el
control de multimedia
No se ha cargado el controlador Dispositivos de captura
de vídeo heredados
No se ha cargado el controlador Códecs de vídeo
Controlador cargado \SystemRoot\System32\DRIVERS\tcpip.sys
Controlador cargado \SystemRoot\System32\DRIVERS\netbt.sys
Controlador cargado \SystemRoot\System32
\DRIVERS\netbios.sys
No se ha cargado el controlador Serial.SYS
No se ha cargado el controlador Processor.SYS
No se ha cargado el controlador AmdK7.SYS
No se ha cargado el controlador \SystemRoot\System32
\Drivers\PCIDump.SYS
Controlador cargado \SystemRoot\System32\DRIVERS\rdbss.sys
No se ha cargado el controlador PCLEPCI.SYS
Controlador cargado \SystemRoot\System32
\DRIVERS\mrxsmb.sys
No se ha cargado el controlador Fips.SYS
No se ha cargado el controlador Procesador AMD K7
No se ha cargado el controlador NVIDIA GeForce4 MX 440
No se ha cargado el controlador Puerto de comunicaciones
No se ha cargado el controlador Puerto de comunicaciones
No se ha cargado el controlador Puerto de impresora
No se ha cargado el controlador Puerto de juegos estándar
No se ha cargado el controlador Dispositivo MIDI
compatible con MPU-401
No se ha cargado el controlador C-Media AC97 Audio Device
No se ha cargado el controlador Creative EMU10K1 Audio
Processor (WDM)
No se ha cargado el controlador Creative Game Port
No se ha cargado el controlador Pinnacle WDM PCTV Video
Capture
No se ha cargado el controlador Pinnacle WDM PCTV Audio
Capture
No se ha cargado el controlador Pinnacle PCTV Data Service
No se ha cargado el controlador Códecs de audio
No se ha cargado el controlador Controladores de audio
heredados
No se ha cargado el controlador Dispositivos para el
control de multimedia
No se ha cargado el controlador Dispositivos de captura
de vídeo heredados
No se ha cargado el controlador Códecs de vídeo
Controlador cargado \SystemRoot\System32\Drivers\Cdfs.SYS
Controlador cargado \SystemRoot\System32\drivers\afd.sys
No se ha cargado el controlador \SystemRoot\System32
\drivers\afd.sys
No se ha cargado el controlador \SystemRoot\System32
\DRIVERS\rdbss.sys
No se ha cargado el controlador \SystemRoot\System32
\DRIVERS\mrxsmb.sys
Controlador cargado \SystemRoot\System32\DRIVERS\srv.sys
Controlador cargado \SystemRoot\System32
\Drivers\Fastfat.SYS

Uh, yes ... does "several patches" mean ALL security (critical) patches have
been applied that Microsoft offers? With today's
infections, it's imperative

I keep my computer pretty up-to-date, I can't say 100%
sure ALL patches because well they tend to come up rather
quickly.
Anyway, I don't have any public IP in my computer, it's
sitting behind a router that doesn't allow any incoming
connections so I'm quite safe (or that's what I thought)
I scan for virus regularly (updated patterns) and also
run from time to time both Ad-Aware and HijackThis to
keep things in place.


That was a long post, thanks for your suggestion and keep
it coming!

 

[WinGuy]

Hi again, Wayne. I read stuff that appeared while or after I made my last
reply. I didn't know a boot from CD would hang, it should not because it's
not loading any runtime files from the HDD (it's trying to copy what it
needs, for running, to the HDD). There might be low-level HDD format
corruption. Knowing that now, I'm concerned that your HDD really does need
to be put into another computer and have a thourough "chkdsk x: /R" done on
it (where "x:" is the drive letter) and then a complete virus check on it
from a Recovery Console boot of the Windows CD.

In addition, if that doesn't help, you might have bad memory. If you have
more than one memory stick in your box, try swapping them in their sockets.
You could also try a memory test program
http://www.memtest86.com/
but keep in mind that the test can not test that part of memory that the
test itself is loaded into, so you might just have to take it to a shop to
eliminate the possibility or go buy some extra RAM so you can do a swap.