1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

virus?

Discussion in 'Virus & Other Malware Removal' started by MyName, Jan 18, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    A friend of mine came to me with a problem. When she tried to start up her computer it prompted for Normal Mode, Safe Mode, etc. She went to Normal and it froze. When I went over I went to safe mode and everything looked fine and I tried to restart and it froze again. So I went back to to Safe Mode after turning the computer off and then on and she had mentioned that her brother had been looking at a lot of porn sites the night before. I'm assuming that it's probably a virus then. I scanned in safe mode for a virus using her Norton 2002 but nothing came up. I can't go on the Internet in her safe mode so I can't download a virus checker. Any ideas? THANKS!
     
  2. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    What windows version is this MyName?

    If 98 or WinME there are options for restoring a previous registry that might remedy the problem. And WinME and WinXP have options to do a "System Restore".
     
  3. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    Thanks for the fast reply! It is Win98.
     
  4. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Ah, and sorry I missed your quick reply. In Win98, what I'd try first is to boot to a command prompt and then restore a previous registry. To do this, press and hold the ctrl key immediately when rebooting (or repeatedly tap f8).

    You should get the numbered startup menu, choose the "command prompt" option and at the c:> prompt enter:

    scanreg /restore

    use the arrow keys to select a started registry prior to the problem from one of the first 4 displayed. The oldest, or last on the list cannot usually be restored.

    see also...

    http://support.microsoft.com/default.aspx?scid=KB;en-us;q188867
     
  5. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    I did not work, I reset it to the thirteenth and it froze after it prompted us to restart again. Any ideas?
     
  6. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    Can you narrow down about when it froze after restarting? Did it do that immediately or after a period of loading files? I'd give it another try with a different date, you can select a more recent one, even the most recent there, since it will actually represent the last started registry.

    Anyway, as I understand it you can start in Safe Mode, so if that doesn't work, what I would do is to try following the startup troubleshooting procedures in the article I posted.

    I would begin by disabling autoexec.bat and the startup group. If it boots with autoexec.bat disabled alone, there likely is some antivirus scan running from there that is causing the freeze. If it still freezes after disabling both, the likelyhood is a hardware device problem.

    If it only freezes with the Startup group disabled, then something within there is causing it, and you can click the Startup tab to selectively disable individidual files.
     
  7. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    I forget what exactly it freezes on but it is for sure a DOS screen and i think it says the boot records or something (I may be wrong). But lets say we try to reboot from safe mode it will go shut down the windows regularly and go into the DOS like it normally does right before it would go back into windows except it freezes in that DOS screen. The cursor flashes at the top left but you cant type or do anything and I even waited almost an hour and nothing happened (obviously). Right now are we looking at reformatting the hard drive?
     
  8. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    If you can't get scanreg /restore to fix this try entering the command

    scanreg /fix

    But do I understand correctly that you can start in Safe Mode?

    What happens when you run msconfig and disable the startup group, config.sys and autoexec.bat ? Does it still hang?

    If so, click the Advanced tab in msconfig and put a check in VGA 640x mode to load standard VGA drivers. If it loads then, you have a Video driver probem, and they probably need reinstalling.
     
  9. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    I'm not sure on how to do the disable startup group, auto-exec and config.sys. I got to the msconfig, but I'm not sure exactly which tabs/buttons I am supposed to press. Thanks!
     
  10. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    On the first screen, the "General" page, you will see some options to enable or disable (process) the starting of whole groups of files. Just use that to temporariliy disable the groups for testing. If you isolate the problem to one of those groups, then there are separate tabs for each, under which you can de-select individual startups for testing. Have no fear about using it aggressively, nothing is removed and everything is reversable.

    Here is Microsoft's Howto...

    http://support.microsoft.com/default.aspx?scid=KB;en-us;q281965
     
  11. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    Alright, my friend (who isn't too computer savvy) tried to fool around on it and she went to some troubleshooting thing on the computer and it says to do what you said about disabling some things from the msconfig menu and she said it worked up until the Windows password file screen, but it froze again. She also said that somewhere on the hardware screen had a red x in it, and there were two 'Unknowns', but she didn't remember what they were. I'm not sure if they were always there, or if it was just a recent finding. Not sure if any of that info helps, but I will be going over there tomorrow to see if there is anything else I can do. If you have any other ideas, I would appreciate it. Thanks!
     
  12. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    It's getting tough to unravel. It might be a good idea to delete all the password lists, which can become corrupted. This is done by doing a File Search for all *.pwl files and deleting each. If the password box comes up on restarting just hit enter and continue.
     
  13. MyName

    MyName Thread Starter

    Joined:
    Oct 25, 2001
    Messages:
    316
    I did everything you guys said, but nothing appeared to help. When I changed the settings in MSCONFIG it still froze. I deleted the password files, tried a boot disk, but couldnt get anything to work. My assumption is that there is a virus in a startup file. I figure this since the safe mode doesnt use these files, so when I scanned in safe mode nothing came up since the virus would be in the startup files. But since I can't get to normal mode I cant get it. There were no hardware conflicts as she thought there might be. So I said to give a computer doc a call and get them to come out. I dont know what else to do.
     
  14. Rollin' Rog

    Rollin' Rog

    Joined:
    Dec 9, 2000
    Messages:
    45,855
    A full scan in safe mode would still detect virus files, assuming the definitions were up to date. The fact that safe mode doesn't load the startups into memory doesn't prevent them from being scanned on the drive itself.


    You might try running msconfig again in Safe Mode and clicking the Advanced tab. There you will see two options that are worth trying:

    >>one is to check the VGA 640x option for loading basic video drivers; this will result in a safe mode type display, but otherwise normal startups.

    >>the other is to check "force compatibility mode"; this keeps certain types of drivers from loading, will result in slower operation and is not a "fix" even if it works, but it would give some clue as to what is going on.

    Does she have a Windows CD to do a reinstall from? That might be the best resolution at the moment.
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/114026

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice