blue screen of death (BSOD) at boot after malware clean

[Dabbler]

My friends was infested with browser hijack and trojans... after Spybot the
system boots ok into safe mode but shows BSOD on normal or diagnostic
startup. Doesn't have the Dell recovery CD which I was thinking of using for
repair install. He does have I386 folder on his hard drive.

Any suggestions on how to proceed here? Any help would be appreciated.

Note... My Computer/Properties shows the text "VIRUS ALERT!" on the general
tab, I've never seen this before and am presuming this is something placed
there by a virus to induce a purchase.

Thanks!

Windows XP Home SP2
Dell Dimension 8400

 

[Ken Blake, MVP]

My friends was infested with browser hijack and trojans... after Spybot the
system boots ok into safe mode but shows BSOD on normal or diagnostic
startup. Doesn't have the Dell recovery CD which I was thinking of using for
repair install. He does have I386 folder on his hard drive.

Any suggestions on how to proceed here? Any help would be appreciated.

You say "trojans" (plural) but don't say how many. Any time a computer
is infected with multiple instances of malware, it is very difficult
to be able to clean everything completely. He is probably still
infected, and his best course may well be to do a clean reinstallation
of Windows. It is unlikely that a repair installation would help him
(a recovery CD doesn't permit a repair installation anyway).

He should contact Dell to find out how to do this.

 

[Dabbler]

Thanks Ken. I agree with you about the system still being infested.

I think there may be a way to create a bootable CD using the I386 folder,
I'll have to do some more research here. Unfortunately his warranty has
expired and he's up to his ears in school loans, so the forums are more
affordable than paid support I've suggested a re-install but A. we don't
have his XP Home CD and B. he wants to keep the photos from all his travels
he's never backed up. Yep, another guy who thought it could never happen to
him. I could take his hard drive and slave it into another system to copy off
data files....but I'm too scared to do that.

P.S. I can't believe after all these years this newsgroup web interface
still has bugs in it.

 

[PA Bear [MS MVP]]

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a /thorough/ check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.

 

[Ken Blake, MVP]

Thanks Ken. I agree with you about the system still being infested.

I think there may be a way to create a bootable CD using the I386 folder,
I'll have to do some more research here. Unfortunately his warranty has
expired and he's up to his ears in school loans, so the forums are more
affordable than paid support I've suggested a re-install but A. we don't
have his XP Home CD and B. he wants to keep the photos from all his travels
he's never backed up. Yep, another guy who thought it could never happen to
him. I could take his hard drive and slave it into another system to copy off
data files....but I'm too scared to do that.

P.S. I can't believe after all these years this newsgroup web interface
still has bugs in it.

The newsgroup web interface is still the *worst* possible way to use
the newsgroups. It's the slowest, clunkiest, most error-prone method
there is. Do yourself a favor and switch to a newsreader, such as
Outlook Express, which comes with Windows. See
http://www.michaelstevenstech.com/outlookexpressnewreader.htm

 

[cheley_bonstell88]

You say "trojans" (plural) but don't say how many. Any time a computer
is infected with multiple instances of malware, it is very difficult
to be able to clean everything completely. He is probably still
infected, and his best course may well be to do a clean reinstallation
of Windows. It is unlikely that a repair installation would help him
(a recovery CD doesn't permit a repair installation anyway).

He should contact Dell to find out how to do this.

I did something DUMB ! and ended up with a browser hijacker..
- tried McAffe ( NG) & others,

finally contacted Dell who sent me a disk

then we just formatted the HD & reloaded Windows XP..

- No Charge !

I really Like Dell


And, as an after thought, It's a shame Vista is all about Security,
but with the number of bad things out there,
thats its strength I guess.