Bush October 4, 2008 Share Bush Member October 4, 2008 So my boss calls me earlier and has an error displayed on his computer. So I go over to take a look, keep in mind I'm a armature builder/trouble shooter. It won't even boot up into windows xp (running xp btw). When it boots up I get <windows root>\system32\ntoskn1.exe missing ... Me thinks it's a virus but I'm not sure. However since I can't get to windows I can't run any virus scans ect. Any one know away around this? Thanks in advance!!! Link to comment Share on other sites More sharing options...
Squire October 4, 2008 Share Squire Member October 4, 2008 I'm no guru either, but is there anyway you can get it into safemode by pressing F8? and trying to run a virus scan while your in safemode. I've never heard of that file before... I just did a search for it on google, and it just showed a bunch of crap... I'd give safemode a try! Link to comment Share on other sites More sharing options...
ZeroDamage October 5, 2008 Share ZeroDamage Member October 5, 2008 (edited) Looks to me like he is infected. A google search for that file only pulls up Russian websites. It definitely is not a part of the Windows OS. Download this, burn the CD and run a full scan on your boss's PC. Keep in mind that it doesnt' clean any viruses, it only renames the files to their name .virus so if it renames any windows files, windows will no longer function (not that it is now anyway). It will at least tell you if you are infected and it will connect to the internet and do an automatic definitions update. I will be using it on my brother-in-laws computer probably since it will not function in Windows at all after he got that nasty "Antivirus 2009" malware that is going around. I tried to remote in last night and it would not respond at all. Edit: The link. http://www.f-secure.com/linux-weblog/2008/...d-300-released/ Edited October 5, 2008 by ZeroDamage Link to comment Share on other sites More sharing options...
ZeroDamage October 5, 2008 Share ZeroDamage Member October 5, 2008 I could not get the live cd to update from the network and it could just be my network. I noticed the definitions were of May 14th of 2008 so I tried the USB way of things and that worked. You just use a completely empty USB drive with only the update file on it and the live cd will automatically update from the USB drive. Keep an eye on the pattern date when it loads up. It should have the year first, then the month and then the day. I am running right now one that looks like this: 2008-10-05_01. This is picking up a nasty "Antivirus 2009" infection that has made my brother-in-laws pc completely unusable. I am at 60% scanning and it has found 4 and I bet it will find many more by the time I get up in the morning. This is where you will find the latest update. Download this and put it on a USB with ONLY this on it and no other files or folders. http://download.f-secure.com/latest/fsdbupdate.run Link to comment Share on other sites More sharing options...
Cujo October 6, 2008 Share Cujo Member October 6, 2008 malware bytes. it gets rid of 99% of anything i've come across. Link to comment Share on other sites More sharing options...
ZeroDamage October 6, 2008 Share ZeroDamage Member October 6, 2008 malware bytes. it gets rid of 99% of anything i've come across. Yes, that is the way to go if the system boots and is usable. I had to use that rescue CD this past weekend because that Antivirus 2009 malware infected the winlogon.exe service and made it run at 100% all the time. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now