Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Virus problem

  • Please log in to reply
2 replies to this topic

#1 philkarlin


  • Members
  • 2 posts
  • Local time:01:45 AM

Posted 20 August 2005 - 02:14 PM

I've spent a week trying to figure this out. I have a machine running XP pro, Bit Defender Anti-virus, hardware firewall, windows update and virus defs on auto and up to date (as of ~ august 10). I have all the symptoms of the MSBlast worm, but I can't find it on the system. I have run my regular anti-virus, the Symantec MSBlast removal tool, MacAfee Stinger removal tool, Microsoft MSBlast removal tool.
I have searched the system32 folder for suspicious files.
I have looked for any alternate names I could find, including teekids.exe, mslaugh.exe, enbiei.exe.
I have checked that the lsass.exe running in processes starts with an L and not an I.
I have installed Zone Alarm free.
I have disconnected my ethernet cable.

Specific symptoms include
the "The System is shutting down...NT Authority/system" message,
copy and paste are disabled. drag & drop are disabled.
system is very slow to boot.
Network connections are unavailable (not there at all).

If it's a virus, what is it? could it be something else?

BC AdBot (Login to Remove)


#2 tg1911


    Lord Spam Magnet

  • Members
  • 19,274 posts
  • Gender:Male
  • Location:SW Louisiana
  • Local time:12:45 AM

Posted 20 August 2005 - 03:48 PM

I suggest you post a HijackThis log for examination.
A member of the HijackThis Team will show you, step by step, how to disinfect your computer.

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 philkarlin

  • Topic Starter

  • Members
  • 2 posts
  • Local time:01:45 AM

Posted 20 August 2005 - 08:34 PM

I'd like to, but the sick machine has no network connection, and no ability to copy or paste. an attempt to write the log file to CD was unsuccessful. I was able to print a hard copy of the log file, which I'd be happy to fax or scan and post/attach as an image if you would like. Let me know.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users