Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PC reboots - Want to know how to scan for viruses?

Status
Not open for further replies.
comptek

comptek

Technical User
Nov 8, 2002
102
0
0
US
Hello,
First I would like to apologize in case this is the wrong forum to be in.

Here is my problem I am working on a clone pc that is a P3 that has W2K pro. The problem is that the pc constantly reboots. I would make it past the post then I would get the normal windows splash screen after the splash screen I would get the disk integrity check because windows was not shut down properly (because it keeps re-booting). Well it passes the integrity check then it continues to load and I think right when it is about to get to the login prompt a brief blue screen error message pops up (about 1 second)and then reboots. Everything that I have discribed happends again and again. Post-fine, windows splash screen, disk integrity check - pass, bout to go to login screen then blue screen error, then reboot.

What I would like to do is check for viruses because I asked the owner if they had virus software and they said no. Could this be a boot virus? or is there a way to scan for virues with the situation I discribed? The easiest thing would be to format the drive but this is the CFO's son's pc, and when i told him about reformatting he kind of gave me the look like "your a computer guy its your job to fix this back to the way it was.

I know I dont have all the spec's for this pc but if someone can point me in the right direction of what else I can do. Is there ways of checking for adware/spyware/virues given my situation.

I would also like to add that the cfo said his son downloads music. So my guess is that he downloaded a virues that is causing the bluescreen/reboot. Not sure though. It could be the harddrive failing but like I said the integrity check passes. I have not done anything else to the pc because it is at home and I am at work right now. I just want to get some ideas for what to do when I get home.

Thanks Guys.

This site has helped me out many times in the past.

Charlie

Comptek
A+, Network+
 
Sort by date Sort by votes
You should be able to get into safemode. You also need to have a cd ready (from a usuable computer syster) to install every spyware, adware, malware, virus program in safemode. Run them all in safemode. XP has CD rom capability in Safemode I don't remember if W2k does or not.

It's hard to tell what he has on this thing with no anti virus protection and downloading music (from which site) ?

Adaware, hi-jack this, avg free edition, spybot, spysweeper, any of these should help, but you still might have to go to the registry current version/run and see what else is loading at startup. Checkout the startup folder under the Start/all programs too. Do all of this in safemode.

Look in add and remove programs to see if there are a hundred toolbars installed. I hate toolbars, everyone of them has spyware or adware or they take part of your bandwidth when you install them. Some of them you have to be online to uninstall, so get rid of what you can, then do the rest in normal mode.

Something to get you started.

I've fixed some of these computer systems. Do not get disgusted or angry, just work your way through it and it will be just fine.....charge lots of money as a deterrent for them to not do this again....If its a freebie another deterrent is to completely obliterate the OS and startover.

You might be able to get to the drive by slaving it to a known good computer system and run the anti-virus,spyware,adware, etc. from that system.


OK, I'm really done now. :)


lgebhart

A+, Network+, IC3
MAI for MS Office 2000
OSHA Outreach Trainer
 
Upvote 0 Downvote
Just a guess but if it has been reformatted lately with XP it is probably that crazy worm (MSBlast) that was lurking about last year, Everytime I reformat with my XP CD that was distributed in 2002 I have to run the patch again, might want to take a look at that...You get a system shut down box, it counts down usually less than a minute, then your back to booting up, you can try this if it is the blaster worm

To end the Blaster worm process

Press Ctrl+Alt+Delete.
Click the Task Manager button.
Click the Processes tab.
Click the Image Name column header to sort the processes alphabetically by name.
Look for a process named Msblast.exe. If you find it, click the name to select the process, and then click the End Process button.
Close the Task Manager.

Then go to and follow step 3 to remove the worm, there is a patch to download

Hope this helps out, happened to me and was about the last thing we thought of because the incident happened some time ago when this little worm was terrorizing most of us.

Good Luck
 
Upvote 0 Downvote
I have had this happen to me and it is important to take down the error code on the blue screen. It is incredibly difficult but that error code is the key. It took me some close attention and time to get the code but then I could find the answer. It has been a while and I don't remember what the problem was - sorry.
 
Upvote 0 Downvote
Thanks guys for your responses.

lgebhart- this is my fault I am sorry, but I forgot to add that safemode, and last know good config do not work also. It does the same thing. Safe mode looked promising because it loaded drivers 1 at a time and I saw it scroll but that did not work. It looked like it did but when it got to the point of where the login prompt was going to come up next it did not it just did the samething like described above. The same goes for last known good config. SORRY for not mentioning that in the begining.

Insanerage- I dont know if this was ever formatted for Win XP. I was told by my CFO that someone once did some "Work" to the pc but he could not go into any detail.

ycelong- I will try to get it but it is so fast that if you literally blink the message goes away. Is there a way to pause the screen or is there a log file some where that I can access via command prompt?

Based on what I have described, do you guys think that the harddrive is failing or could it be viruses? 2 of you seem to lean toward viruses, spyware, and 1 of you seem to think it might be hardware. I see both sides. And lgebhart I am hanging in there, the pressure of not reformating is on because like I said this is the CFO's son's pc and the CFO thinks that computer guys can fix anything, meaning get back to the way it was. Sad to say that this may not be the case.

Thanks guys.

Keep them coming.

Charlie

Comptek
A+, Network+
 
Upvote 0 Downvote
Comptek - in the absence of a history for this problem from your CFO, I'd suggest doing a repair reinstall:-


(you'll need to reapply latest service pack and visit windows update, but data, apps & settings are preserved).

This behaviour could be caused by bad hardware or bad driver as well as virus (which is why history of machine would be helpful).

If the repair reinstall doesn't fix it, I'd suspect a virus (unless someone changed one of hardware components and nobody's told you) - in which case slaving the drive in another machine which has AV software and running a full scan would be my next port of call (though I'm not sure this would pick up msblaster)

If still a problem after this I'd suspect the hardware (elimination approach to identifyu the culprit).
 
Upvote 0 Downvote
well, if it is a virus, then it's a pretty bad one to cause your system to crash before the loggon screen, personally, with the info you've given, I would bet on either a hardware problem or os corruption or driver corruption (of course, it could be a virus that's corrupted those things)

your best bet at this moment is probably to slave the hdd to another computer, and run a diagnostic from there, as has already been suggested...

if however you don't have that option, then you should try using a boot disk/cd to at least get into prompt, and from there you can edit the boot.ini and win.ini (not a pretty solution...)

--------------------
Procrastinate Now!
 
Upvote 0 Downvote
I know it goes fast. For me it took my eyes and another set staring at the screen to finally come up with it (and I don't know how many reboots!!)I also had to prepare myself to look at the right spot on the screen to get the next few characters!! I know it sounds crazy, but that is how I got the error code. It has been about six months so I don't recall the problem or the error code. Wish I could be more help.
 
Upvote 0 Downvote
Thanks to all that posted. Everyone has been a big help. The culprit to this whole mess so far was viruses. I was able to get the pc login. A friend of mine gave me a cd that was called "The ultimate cd". It acts like a hard drive that boots xp and it had antivirus utilities and that cleared 9 viruses. After that I rebooted and was able to get into windows. Guess what the pc never had anti virus protection. It had a famous file sharing program notorious for viruses. (Can anyone guess which one?).
Ycelong - I tried looking at the blue screen all I got was a partial "Stop" and 0x000????. Not sure what that was but oh well things seem to be workning.

Thanks for all of your help guys. Now I have to figure out how much to charge him.



Comptek
A+, Network+
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pmonett
  • Locked
  • Question
Need to change OS on HP laptop 1
Replies
10
Views
208
Rick998
Rick998
Bryan - Gendev
  • Locked
  • Question
Mouse not active after return for sleep WIN11
Replies
4
Views
179
xwb
xwb
hikermann
  • Locked
  • Question
How to Assign Action to F1 Key 1
Replies
3
Views
155
kjv1611
kjv1611
Servicios de Computacion
  • Locked
  • Question
How to backup server setup
Replies
4
Views
162
Servicios de Computacion
Servicios de Computacion
DrB0b
  • Locked
  • Question
Sandbox environment for URL research 1
Replies
6
Views
136
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top