your read me is not complete...

Major attitude,
willing remove an annying "adware.CDT" file that appears in Norton but that NAV can't delete, I found your "read me before posting" on spyware.

I tried all the various sws (Ad-aware, spywareblaster, etc, etc).

Then, I decided to follow your intrusctions that happen to be wrong:
- disabled system restore
- started in safe mode
- relaunched the various antivirus, spyware sws

but now Windows continues rebooting ONLY in safe mode and using F8 to :
- launch last known configuration or
- boot in normal mode
has NO effect and...

I can't use the properties to restore the system.... becuase I disabled.

so your solution seems worse than the problem. I can guess why the part of your advice is written in red ("If you have a problem for any reason...) implying that you know there may be some problems but without detailing-anticipating them.

Now, How can I revert back NORMALLY working PC (even keeping the adware.CDT that until now had no effect) ?

 

Yes I was frustrated after 4 hours of trials and thoughts on how could it happen.
I must say I used "safe mode boot" since many years ago (DOS "old times" so this gives you an idea of how old am I). I do know what you mean, it should work and that's why I was mad. It was 2 o clock morning Italian hour. What i didn't like (of your read me) is that, by deactivanting system restore, it's like launching without a parachute...

I've been using Macs (at home) for many years and had to revert to Win last year for my daughter school needs. This is the first time I tried safe mode back again.

I did:
- start safe mode with F8
- all antivirus sw runs (spywareblaster, spybot, Ad-aware, Norton)
BTW everything is the same: Norton "sees" the file but can't eliminate, the others don't advice. An it wasn't a big problem since I wasn't receiving any ads. I read around that the file adware.CDT is only a piece, the others are gone so probably it can't work.
And yes... I read all the Symantec and MS knowledge bases before writing to you...
- retried F8 (doesn't work with both options: normal mode or last working configuration)
- tried msconfig with both options: full normal mode or selective by deactivating all with exception of Microsoft and Symantec options.

always the same, it takes minutes to boot up and is... in safe mode !

Is there a way to cheat the OS by going low level and switch the right registries telling to boot in normal mode ?

thanks

PS: I'm using the old Mac to write this.

 

Adding more info:
I tried with msconfig alternating ALL the options of selective boot with no effect.
It ALWAYS start the same, the changes have NO effect.

I can see the normal Windows desktop screen launch some applications (adobe reader, adware, etc) but not others (Word starts but doesn't open documents, Hotsync for Palm doesn't work), can't dragndrop, can't copy-paste.
Almost unusable and strange behavior indeed.

Re-did virus-adware checks, found nothing (NAV is not working now).

The system is :
Intel Pentium 4 at 2.4 Mhz, 224 MB RAM, XP Home SP2 (no problems at all at installation and ever since 3 weeks ago), CDROM and Iomega DVD-writer, ADSL connection, Norton Internet Security.

Beginning to think a rough reinstall is needed... and it would be the third in one year (2 hardisks gone to hell)... <-(

 

I'm almost willing to bet you have been to msconfig recently.
Go back to it
Click on boot.ini tab
Uncheck ANYTHING checked on this tab.

 

thanks, I'll probably do tomorrow now it's 2 am again... going to bed.
Probably sending the PC to the shop, I need it fast and this process may take too long.

BTW we just crossed our messages, read mine that may give you some hint.

I already tried to read through the Hijackthis log and it seems there's no problem...

 

Ok, I'll do both (msconfig with only boot.ini and HJT log) this evening (Italian hour) and send to you.
I'd like to fix within the night (4 hours) otherwise I'll have to bring it to the shop... those young guys are not that experienced or willing to solve they almost always suggest the reisntall of OS from scratch (*§$!)

 

in the BOOT.INI tab there has never anything checked.

and Ops !
but the HJT log can't be sent... since I'm without Internet connection.
I should recopy it by hand on this Mac... with possibility of errors...
I can't print or can't scan or copy-paste into a floppy...

anyway I just checked the previous one (before this mess, because the one I see now is much shorter...since some of the services are disabled) and there was nothing to worry. All the items are with known names that I wanted there. It's a quite short (compared to other horrible ones I've seen here around).

One question: may I try a reinstall from the SP2 CD ?

 

You can install it from Safe Mode, but you would be wasting your time.

Open your boot.ini on your C: drive and post the contents here.

It is a hidden file, so you need to show hidden files and folders.

 

here it is:

(boot loader)
timeout=20
default=multi(0)disk(0)rdisk(0)partition(1)/Windows
(operating systems)
multi(0)disk(0)rdisk(0)partition(1)/WINDOWS="Microsoft windows XP Home Edition" /fasdetect /NoExecute=Option

Note: This is typed by hand on this Mac so the first two slashes are opposite

I noticed that under Control Panel opening the user the window is... totally blank as if there was no user and there's no Administrator. Is it normal ?

 

Only if Sp2 is not installed on the system.

Hmmm...how odd.

Wonder what the event viewer shows?

For it to boot to SafeMode without errors or prompts, SOMETHING has to be passing a command to Windows during the boot process.

Is this an AMD64 machine?

 

No it's a Pentium 4, as I wrote.

Anyway don't bother anymore. I sent it to shop for a scratch reinstall... and will pass this weekend reinstalling and configuring all the applications.... what a joy !

Still, the big question remains and remained: what kind of command was not taking into consideration ANY of the cahnges I tried with msconfig ????

For the future I'll be VERY MUCH in doubt about deactivting system recovery.

Ciao