Last week the wife's computer would not start the Operating System (OS), Windows XP.
What it was doing was a startup loop, it would get to the 'Starting Windows'
splash screen then kept restarting.
It would not even start in 'Safe Mode' it would get so far then restart.
Let me explain:
This is a custom made computer -
Core 2 Duo 2.4 GHz Processor
2 Gig of memory
80 Gig hard drive
And all the other goodies
Two people use this computer, my wife and my daughter-in-law so what ever
was done to the computer in is anybody's guess. It is broke and I get to fix it.
The first thing I thought was a virus, so I get out my trusty ERD boot disk
and start the computer. Looks good, opps where is the C: drive?
Upon investigation the ERD (which is a Pre Installation Operating System
based on the XP installer) could not see the C: partition. How ever it did show
in the Drive Manager.
Doing a properties on the C: partition brought up a disk read error but
doing the same thing on the D: partition didn't.
This tells me two things -
The drive is not failing
The C: partition has a problem
Is it a virus?
Is it corrupt?
The first step is to get the Operating System partition back to where an
Anti Virus programs can access it.
So I open the command prompt (Start / Run) and then type in chkdsk c: /r
Nope, because ERD couldn't attach to the partition when it started it would
not allow access to the partition.
So I shut the computer down and restart it with BartPE, this has the same
type of OS as ERD but more extensive. The BartPE disk also has a check disk
batch file that is makes check disk more flexible than running the chkdsk
program with the normal
options.
Once the OS has started I look at the partition with a program called
NTEXPLORER.EXE
Looking at the partition I see five invalid partition entries. This is NOT
normal.
Next I run a program called chkdsk.cmd this is a batch file that Bart has
made to run the chkdsk.com program with extra options.
One of the options is to remove the bad partition entries and not write them
to a file. This is a very good option because if you run the chkdsk.com program
with out the necessary switches your hard drive will be filled up with
unnecessary files that you will have to delete.
Once I had removed the corruption from the drive the next step was
investigate why the drive became corrupted.
I restart the computer and see if it will start in 'Safe Mode'. It does
start in Safe Mode.
Next I run Anti virus/trojan/spyware programs.
These programs report over 122 viruses/trojans/spyware. Any one of these
programs could have caused the partition to become corrupt.
The computer is now clean and ready to be used again.
Two things about this little scenario -
Don't let anyone install junk from My Space, Face Book, etc on your
computer.
Make sure the Anti virus/trojan/spyware is kept up to date.
If someone is using your computer check these periodically. The AVG had not
updated in over two months. My fault for not looking at the logs...
This site contains a lot of information. As
with any publication not all information is available due to space, time, or
subject constraints.
If you have a question that you did not find the answer
on this web site you a can
ask your question here and we will endeavor to get you the most up to date
answer possible!
