regedit, msconfig, Norton shuts down when started

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by dwagg, Oct 12, 2004.

  1. dwagg

    dwagg Private E-2

    Hi,

    I have a problem that I cannot figure out. I have an XP machine that will automatically shutdown regedit, and msconfig. I have loaded Norton Anti-virus and when it goes through the pre-install virus checking it shuts the computer right off. I have bypassed the pre-install and have loaded Norton now. Norton is on my desktop but is not in my taskbar. The computer will not allow me to register the software, it just shuts down the Anti-virus software.

    I am at a loss. Can anyone help me figure out what might be going on with this computer?

    Thanks
    Dave
     
    dwagg, Oct 12, 2004
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Oct 12, 2004
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Oct 12, 2004
    #3
  4. dwagg

    dwagg Private E-2

    Hi Chaslang,

    Thanks for replying.

    I'm sorry I posted this email before reading the "Basics for Spyware" at the beginning of this forum. I am attempting to follow all the procedures layed out in that thread. I have downloaded all the programs and have just started the Trendmicro scan. It is taking a very long time to run. I watched the processes running and noticed the CPU hit 100% alot of times. I also noticed that it looked like one of the svchost executables was bouncing up and down in processor time.

    This is going to be quite a learning experience for me. Please be patient with me. I'm going to try and follow the initial instructs to see if this works.

    I did go to your attached link and it sounds like what is happening to me. So I'll try it when I get through all the scanning programs I've downloaded...

    Talk to you soon,

    Thanks
    Dave
     
    dwagg, Oct 12, 2004
    #4
  5. dwagg

    dwagg Private E-2

    Hi Chaslang,

    Trendmicro scan found WORM SASSER.B, BAT SASSER.A and WORM AGOBOT.GEN (3 of these). They are non-cleanable.....can I just use the DELETE button to remove these or is there another process?

    TTYL
    Dave
     
    dwagg, Oct 12, 2004
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Give this a try: W32.Sasser Removal Tool 1.04
     
    chaslang, Oct 13, 2004
    #6
  7. dwagg

    dwagg Private E-2

    Hi Chaslang,

    I ended up attempting the SASSER.A and B delete using the Trendmicro scan...

    Should I still run the removal tool?

    Sorry for not waiting for your reply.

    Dave
     
    dwagg, Oct 13, 2004
    #7
  8. dwagg

    dwagg Private E-2

    Hi Chaslang,

    I ran the SASSER removal tool and it didn't find anything. Could the Trendmicro software deleted them cleanly when I selected the delete option?

    I still have AGOBOT.GEN found 3 times. Should I use Trendmicro to delete these too?

    TTYL
    Dave
     
    dwagg, Oct 13, 2004
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes, if it will. Also run Stinger from the READ ME. And possible some of the Alternate Scans mentioned would be useful. Make sure you run A-squared.
     
    chaslang, Oct 14, 2004
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds