Tricky problem

  Aznagroth 15:17 28 Jan 2004

I am having problems with a virus or equivalent. I really don't know what it is because I'm unable to identify it.

When I start my computer a dialogbox opens and dowloads, or installs something. I can't see what it is because it only lasts for less than a second, but it looks just like a normal optionbox when you run a .exe file. I have tried to take a screenshot, but because this program makes me unable to start other programs I cannot paste the screenshot to mspaint. I have removed all programs supposed to start at startup, I have scanned my system with at least 3 different virusscanners. I have used spybot search and destroy. But nothing seems to work.

What am I supposed to do? Are there any programs able to find what it could be? Is there a way to check if my RAM could be infected? If so, how do I clean it? I have removed all items from the startup, why does this program still starts? Wich executable starts it? How can I open mspaint when it don't want to be opened?

I will apreciate any help you can offer

  plsndrs3 15:54 28 Jan 2004

I am posting in part to help get this back to the top so that others can see it again.

As I understand it, RAM is only in use whilst the PC is active and when you turn the PC off the RAM is cleared. IF you have an infection then it is most likely to be in the boot sector or the harddrive somewhere.

You say you have stopped everything loading at startup - but how? If you simply disabled from the startup folder in windows, then I would suggest using MSConfig [start>run> type MSCONFIG and click on run]. Have you tried starting in safe mode and then loading each driver in turn as you may be able to verify a rogue/corrupted file? 3 virus scans would tell me that you are unlikely to be infected - subject to them all being up to date of course - but bringing this back to the top might get another posting from someone better qualified than I.



  LastChip 15:56 28 Jan 2004

click here for an example, but you really need to download and make the disc on a "clean" machine.

Then boot from the floppy, and follow the menu's.

  Gongoozler 15:56 28 Jan 2004

Hi Aznagroth. If you have Norton Antivirus, this could be responsible. In Internet Explorer, go to Tools - Internet Options - Advanced. Look under the Security heading and remove any ticks in either "Check for publisher's certificate revocation", or "Check for server certificate revocation (requires restart)"

  Aznagroth 05:33 29 Jan 2004

Thank you all for your help so far. I have done some more testing and I have found that the dialogbox that appears when I start the computer says: downloading file from c:"location of the program I try to start" It gives me the options of open, save, cancel and more info. Like any other normal dialogbox. Only problem it closes at once. I get this problem in secure mode when I'm not logged in as an administrator too.

I have found a way of running programs that might give you proficient in computing a clue to what's wrong with my computer. If I rightclick and select "run as.." I get a box wich gives me two options.

"wich user do you want to use to run this program?"

[checkbox] current user (computername/username)
[checkbox] protect my computer from unauthorized program activity (this can prevent computer viruses from harming your computer or personal data, but selecting it may cause the program to function improperly)

[checkbox] the following user
(choose username and password)

I hope this will give you enough information to help me to solve this problem


@plsndrs3 I have used msconfig to disable files running in startup. I haven't tried running one and one driver at a time, because I don't know how to properly do this.

@LastChip thanks, I will try it when I get my hands on my friends computer

@gongoozler I have now unchecked "check for publisher's certificate revocation", but it didn't seem to have any effect, thanks anyway

  Forum Editor 07:14 29 Jan 2004

Go to Start and select 'Run'

now type in the box: msconfig - and click OK

Select the startup tab and look at the list. Remove the tick from anything that looks unusual and restart the computer. Ifd you still get the strange box opening try again and again, each time removing something until you get a result.

If that doesn't work go back into msconfig and this time select the services tab. Now tick the box marked 'Hide all Microsoft services'. Now remove all the ticks and restart. If the machine starts normally, without the strange box, add back the services one at a time until you hit the one that's causing the problem.

  Aznagroth 15:17 29 Jan 2004

I have unchecked absolutely everything using msconfig, still programs wont open normally.

Is there a way to decide what happens when I rightclick on a file and select "run as.."?

  plsndrs3 18:38 29 Jan 2004

Just checking that I understand this correctly: you are unable to use the PC as this 'program' stops all the others loading, but you HAVE managed to run 3 virus sweeps [all negative] and have disabled all non-essential programs in both MS Config & via Windows Startup. The problem also manifests itself in secure mode.

Assuming that all this is correct, have you run a line-by-line startup in Safe mode? This will only load one [driver] item at a time [e.g. CDRW/Floppy Disk/Monitor/etc] and should highlight when a problem is reached by refusing to load more. You then re-run Safe and bypass the offending driver and see whether it is vital to the PC or Windows to load. If it is, a repair to Windows may be necessary & I have quickly glanced above but cannot see which version of Windows you are running to advise further. If XP, you may be able to use a restore point to when the PC was working correctly.

Have you recently installed some new hardware or software?


  Aznagroth 04:32 31 Jan 2004

The problem manifested itself in secure mode when I logged in as myself, not the administrator(wich is only available in secure mode) My own user do have administratorprivileges since it's the only user on my computer. Anyway I use XP home-edition. At this moment I have totally given up and have tried to format my computer. And guess what. "invalid partition table" is what I get when I restarts my computer after installing windows. I'm tired now. I don't have a clue on what to do. I will close this thread because my problem isn't relevant any more. But I will most likely start a new one where I ask how I can get windows installed properly.....

Thanks to everyone who has been helpful

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

iMac Pro review

See iconic duo Smith and Foulkes' epic animation for the BBC's Winter Olympics coverage

iMac Pro review

Idées cadeaux pour geeks et tech addicts