| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 56546 | 2005-04-08 05:16:00 | Simple Virus the NAV cant get rid of | bmac8903 (7653) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 342732 | 2005-04-08 05:16:00 | ok, im running XP on a year old falcon northwest fragbox . the computer is working fine but a few days ago (maybe a week) i got this virus . at first it didnt effect me becuz i rarely shutdown my computer . but now, everytime i boot the computer and let it load, the computer lets me sign-in my user name, then just as my desktop is loading, a DOS window opens up and a line similar to "C:\Documents and Settings\Aaron_2\(randomnumbers)shutdown -t00 -s -f" appears in the black window, and the computer shuts down . if i can X-out the box fast enough the computer doesnt shutdown,but this has gotten harder to do . it seems as though the box pops up faster and i can only X it out 1 in 10 startups . however, i can start the computer in SAFEMODE with no problems . my father's IT guy said it was probably an "lssas" virus . so i googled LSSAS and google told me to search LSASS instead . so, i found a lot of viruses that effect the lsass . i downloaded some removal tools (including symantec's) . they didnt find anything on the infected computer . neither did NAV 2005 (recently updated), the microsoft anti-spyware, ad-aware, spybot s&d, and some other anti-spyware progams . those programs only found some spyware and only when the computer was running normally (not in SAFEMODE) . this virus is soooo annoying and i would LOVE some help . my friend told me to check around in the C:\Documents and Settings\Aaron_2 folder for any new files/folders, but i found nothing doing this . please, please help me . this virus is sooooooooooooo stupid |
bmac8903 (7653) | ||
| 342733 | 2005-04-08 05:49:00 | Try one of the online virus checkers like the Symantec (security.symantec.com) one. Have you had a look in your startup folder for any strange files? |
4bes (2848) | ||
| 342734 | 2005-04-08 06:15:00 | Try running a hunter/killer called Stinger (vil.nai.com) | pheonix (36) | ||
| 342735 | 2005-04-08 06:55:00 | bmac are you the one still using NAV? :) | theother1 (3573) | ||
| 342736 | 2005-04-08 07:22:00 | Since u can get into Safe Mode try this Boot into safe mode, go to start/run type msconfig, see whats under the startup tab . Tell us whats there . Any strange filenames Also, try this . Boot into safe mode again . Go to start/run type regedit . Then go here HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run And the 4 entries under this . Tell us what files are there . And also go here . HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run And the 4 entries under this . Tell us whats there . Whatever it is MAYBE running under one of these entries, and executing on bootup . |
Speedy Gonzales (78) | ||
| 342737 | 2005-04-08 07:31:00 | oh lol..........online virus checker.........hahaha....they'll have to be extremely quick i'd say hahah | drcspy (146) | ||
| 342738 | 2005-04-08 08:44:00 | . if i can X-out the box fast enough the computer doesnt shutdown,but this has gotten harder to do . it seems as though the box pops up faster and i can only X it out 1 in 10 startups . I assume you mean you were using your mouse to close the box, and if so, that is definitely far too slow . Alt-F4 will shutdown multiple pop-ups faster than they can appear so killing one box is no problem . I know that is no substitute for fixing your problem, but it is helpful to know . Cheers Billy 8-{) |
Billy T (70) | ||
| 342739 | 2005-04-08 10:08:00 | Make a shortcut in safe mode and type in shutdown -a and put it on the desktop. Call it Abort or something for now. Then try and go thru what I posted before. See what commands are showing there. If u think uve found the command or dunno what it does/is post back here, and let us know what the file/s, commands are. And once u think u have it, if it happens again in normal bootup dbl click on that abort and it'll stop it till u can fix it. |
Speedy Gonzales (78) | ||
| 1 | |||||