close

Privacy guaranteed - Your email is not shared with anyone.

Help With Blue Screen Reboot

Discussion in 'Tech Talk' started by Riverweasel, Sep 28, 2004.

  1. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)
    Background:

    My friend got a Dell with Windows XP home eddition.
    It came with McAffe Antivirus trial which expired before he even signed up for it.

    So he's been running without protection for, well, ever.

    Well I installed and ran AVG a free online antivirus program.
    It found at least 30 viruses.

    It cleaned all but 3. It could not delete them.
    Trojan horse "msconfg.cnf" or something like that.

    Now his machine blue screens and reboots at random.

    I remember a while back a virus that did this but I cant remember which.

    Any help on how to get this fixed would be greatly appreciated

    Thanks in advance
     
  2. AZ-Boog

    AZ-Boog

    Messages:
    531
    Likes Received:
    0
    Joined:
    Apr 19, 2002
    Location:
    Chandler, Arizona
    The best way to make absolutely sure that everything is nice and clean is to re-format and reload the OS.
     

  3. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)
    Ouch.

    Oh well, I tried to tell him when he got the thing that he needs Norton Antivirus, Zone Alarm, Spy-Bot, & AdAware. 3 of the four are free for cryin out loud. That's what I use & I never had any problems.

    Thanks for your responce AZ-Boog :cool:
     
  4. srhoades

    srhoades

    Messages:
    2,814
    Likes Received:
    21
    Joined:
    Jul 14, 2000
    Are you scanning in safe mode? Check the registry for startup processes. If you can stop the virus from loading, then its a cinch to remove it.
     
  5. ronin_asano

    ronin_asano

    Messages:
    474
    Likes Received:
    0
    Joined:
    Apr 13, 2004
    also, turn off that default behavoir that reboots the machine after the bluescreen. i hate that. it prevents you from seeing the stop error, which can go a long way to helping you troubleshoot the problem.
     
  6. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)
    No, I just ran the virus scan from normal startup. I will try safe mode today. I haven't got into the regestry yet, I was planning to run msconfig to see exactly what is loading on startup compared to what I have on my machine. Anything I dont have running on my startup will get un-checked from there. Hopefully that will stop the virus from loading. I'm not really an IT guy, I know just enough to be dangerous!! So I don't really want to mess with the registry too much unless I know for sure what I'm removing.

    How?

    Thanks everyone;f
     
  7. jack19512

    jack19512

    Messages:
    716
    Likes Received:
    0
    Joined:
    Aug 14, 2003
    Location:
    Hazard Ky
    I am not sure if the virus you are thinking of is the one that I remember but I think Microsoft came out with a security fix for a problem like your friend is having. I think it was on their web site for download. I have it saved somewhere.
     
  8. Toyman

    Toyman

    Messages:
    2,600
    Likes Received:
    36
    Joined:
    May 6, 2003
    Location:
    West Michigan
    Let me get this straight. You knowingly ran the computer without virus protection, did god knows what and contracted 30 viri, likely speading them to hundreds of other people, then you can't even write down the name of the trojan giving you problems - and you expect us to help you?

    I think the longer you are down the more of a lesson it would be for you.
     
  9. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)
    Whoa, ease up guy. It's not MY computer.

    Before you flame someone you should learn how to read.;g
    In the future I wont seek any advice from the likes of you.

    thanks to everyone else of course:)
     
  10. Toyman

    Toyman

    Messages:
    2,600
    Likes Received:
    36
    Joined:
    May 6, 2003
    Location:
    West Michigan
    Ooops, sorry, I read it a little to quick. I read it as you got the computer from a friend.

    Since it's not your computer, I'll help. If you run the AV again, does it find the viri it could not delete? if so, post the exact name of what it finds, then it's easy to suggest a fix.

    You may also wish to do an XP repair or reinstall over the top, that would probably fix the problem files.

    Check and see what is listed in the Event Viewer right after the BSOD C:\WINDOWS\system32\eventvwr.msc

    To turn off auto reboot, go to Control Panel -> System -> Advanced Tab, Startup and recovery settings button, -> In the System Failure section, uncheck "Automatically restart"
     
  11. ronin_asano

    ronin_asano

    Messages:
    474
    Likes Received:
    0
    Joined:
    Apr 13, 2004
    right click my computer> properties> advanced> startup and recovery. uncheck the restart box under system failure.
     
  12. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)
    No problem, I've done it too.:cool:

    I believe it will, I will post it asap.

    Will he loose what he has on it now?
    If he does, oh well, like you said it will be a good learning experience for him.

    Will do.

    Will this leave the blue screen up with an error code I can investigate?

    Thanks Mike and everyone
    I apologise for my earlier tone as well.;f
     
  13. ronin_asano

    ronin_asano

    Messages:
    474
    Likes Received:
    0
    Joined:
    Apr 13, 2004
    yes. that's why i suggested it originally. it might help get to the root of the issue with the machine.
     
  14. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)
    Well, I was able to get rid of all but 2.
    The virus scanners I tried were AVG, AVAST, and TrendMicro.

    The Virus is "bytever.A" aparently its #5 on the list of world wide viri. It's in c:\windows\system32\msconfd.dll

    I folowed the instructions from trend micro on how to remove this, but it didnt work.:( So I renamed msconfd.dll and even changed the extention and ran the scan again but that didnt work either. I actually deleted msconfd.dll from his computer (even though I have no clue what it's for), & that didnt work, it still found bytever.A

    I had windows load in safe mode and could barely get past the login screen (it locked up several times). When I did finally get past the login, I could not get any antivirus software to run. Nor could I get to the internet to run an online scan.

    Besides a complete overhaul, I'm out of options unless you guys can suggest something else.

    thanks again

    :)
     
  15. AZ-Boog

    AZ-Boog

    Messages:
    531
    Likes Received:
    0
    Joined:
    Apr 19, 2002
    Location:
    Chandler, Arizona
    see my first post.

    ;)

    sorry it had to come to this, but it is the ONLY way to COMPLETELY be sure that everything is cleaned up.


    maybe your friend will learn a lesson from all of this and be more carefull in the future.


    best of luck.
     
  16. Riverweasel

    Riverweasel

    Messages:
    88
    Likes Received:
    0
    Joined:
    May 27, 2003
    Location:
    SE Michigan (stuck in traffic)