Is this caused by a virus?

[wolvers]

This has happened twice on my laptop now. Any ideas why?

First I got this.

Then this happened!

I don't get this kind of trouble with vista!

 

[ruffneck]

are you serviced packed up?

looks like sasser but microsoft patched it up

 

[bledd]

yeah blaster or sasser virus looks like

windows update tbh

in the run box type in


shutdown -a

press enter, will stop it shutting down

 

[wolvers]

yeah, fully service packed up.

gonna scan for viruses now.

 

[.walls]

Usual stuff - AV scan in safe mode (with respectable AV software) - if that's clean,
chkdsk c: /f (to make sure that the FS isn't corrupt)
sfc /scannow (to make sure the OS isn't corrupt)

 

[mattyrigby00]

msblast causes that but i thought msblast only affected xp with no service pack

 

[quackers]

Out of interest, what does avg pick this up as? I saw something very similar on a pc yesterday, i thought i'd cleared it but avg keeps picking up a NTrootkit.ac on the file Mfo54.sys.

Wont let me heal it or vault it, only happens at startup.

 

[quackers]

any ideas on this one?

 

[bledd]

what do you mean vault it?

disable system restore, remove the av tool you use now, install nod32/kaspersky, update and scan

 

[quackers]

Avg was installed, i did try the trend online virus scanner and that didnt pick anything up.

I'll install another anti virus and give that a go

 

[bledd]

disable system restore first..

viruses 'hide' in there

 

[Pulseammo]

If it is a rootkit like the name suggests, then it will have replaced core system files in order to hide other viruses from the operating system's APIs. Furthermore, if it has changed a system file, he likely can't clean it or "vault it" (I assume that is a quarantine), because the OS is protecting it. Rootkit, instant grounds for a format IMO .

 

[wolvers]

Well AVG hasn't found anything, although I didn't do the scan in safe mode so I'll do that now.