Try going to Pandaware.com. They have a free online scan to find viruses and remove them.
Go to MacAfee and see if they have a free download that will scan for and fix that particular virus.
This is a google link. Look at the list of links to the right on the google page. It gives several 'free' tools.
http://www.google.com/search?hl=en&ie=UTF-8&q=W32.Boxbax.C&btnG=Google+Search
Thought I'd PING you to this one...
I don't know anything about that particular virus, but there are several out there that disables your security protection and even prevents you from downloading micro-soft patches. I had my husband's IT guy come over to rid my computer of a virus and he found this was the case, in addition to the fact that there were three other people logged on to my computer every time I went on the inter-net. He deleted everything and re-loaded windows. It was all he could do.
REFORMAT TO FACTORY CONDITION. Either use the partiton on your D drive or use recovery disc (if you did not make any--tsk, tsk. not to worry. If you are still in warrenty have the computer company send them to yu. they generally do it next day air for free). You should be able to do it from your D partition though. I've gotten down to just 1.5hrs to reformat and reload everything. I do this every 8months regardless of how my system is working.
1. cancel the XP Restore feature (very important)
2. restart in the "Safe Mode"
3. Download the updates from Norton and then run a full system scan.
4. Restart computer in normal mode and reset the Restore feature.
This should take care of your problem.
Try here, it does a good good of catching a lot of virus
http://housecall.antivirus.com/housecall/start_corp.asp
What does this virus do to your system?
Ping.
To remove W32.Bobax.C use the following sections.
Before you begin: If you are running Windows 2000 or XP, and have not yet done so, you must patch for the vulnerability described in Microsoft Security Bulletin MS04-011. If you do not, it is likely that your computer will continue to be reinfected.
What to do if the computer shuts down before you can patch
This threat can cause Windows to keep shutting down and restarting. This can prevent you from installing the Microsoft patch.
Notes:
You may have to try this several times, as you only have about 20 seconds to do steps 3 to 6.
This will not work on Windows 2000.
To prevent the shut down, do the following:
Disconnect the computer from the network/Internet connection. (Disconnect the cable if necessary.)
Restart the computer.
As soon as Windows opens and you see the Windows desktop, click Start > Run.
Type:
cmd
and press Enter.
Type:
shutdown -i
and press Enter.
In the Remote Shutdown Dialog that opens, do the following:
Click Add, type your computer name into the Add Computers dialog box, and then click OK.
In the "Display warning for" field, type 9999.
Type the following text in the Comment box:
Delay Lsass.exe shutdown.
Click OK.
Reconnect the network/Internet connection.
Connect to the Internet, and get the patch. Then continue with the steps described below.
When you have patched your computer and removed the threat, you can re-enable the 20 second default warning if you wish.
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Disable System Restore (Windows XP).
Update the virus definitions.
Restart the computer in Safe mode or VGA mode.
Run a full system scan and delete all the files detected as W32.Bobax.C.
Delete the value that was added to the registry.
For specific details on each of these steps, read the following instructions.
1. To disable System Restore (Windows XP)
If you are running Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.
Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.
For instructions on how to turn off System Restore, read your Windows documentation, or one the following article:
"How to turn off or turn on Windows XP System Restore"
Note: When you are completely finished with the removal procedure and are satisfied that the threat has been removed, re-enable System Restore by following the instructions in the aforementioned documents.
2. To update the virus definitions
Symantec Security Response fully tests all the virus definitions for quality assurance before they are posted to our servers. There are two ways to obtain the most recent virus definitions:
Running LiveUpdate, which is the easiest way to obtain virus definitions
These virus definitions are posted to the LiveUpdate servers once each week (usually on Wednesdays), unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, refer to the Virus Definitions (LiveUpdate).
Downloading the definitions using the Intelligent Updater
The Intelligent Updater virus definitions are posted on U.S. business days (Monday through Friday). You should download the definitions from the Symantec Security Response Web site and manually install them. To determine whether definitions for this threat are available by the Intelligent Updater, refer to the Virus Definitions (Intelligent Updater).
The Intelligent Updater virus definitions are available: Read "How to update virus definition files using the Intelligent Updater" for detailed instructions.
3. To restart the computer in Safe mode or VGA mode
Shut down the computer and turn off the power. Wait for at least 30 seconds, and then restart the computer in Safe mode or VGA mode.
In Windows 95, 98, Me, 2000, or XP, restart the computer in Safe mode. For instructions, read the document, "How to start the computer in Safe Mode."
In Windows NT 4, restart the computer in VGA mode.
4. To scan for and delete the infected files
Start your Symantec antivirus program, and make sure that it is configured to scan all files.
For Norton AntiVirus consumer products
Read the document, "How to configure Norton AntiVirus to scan all files."
For Symantec AntiVirus Enterprise products
Read the document, "How to verify that a Symantec Corporate antivirus product is set to scan all files."
Run a full system scan.
If any files are detected as infected with W32.Bobax.C, click Delete.
5. To delete the value from the registry
WARNING: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified keys only. Read the document, "How to make a backup of the Windows registry," for instructions.
Click Start, and then click Run. (The Run dialog box appears.)
Type regedit
Then click OK. (The Registry Editor opens.)
Navigate to the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the following value:
"random_characters" = "%System%\< random_characters >.exe"
Exit the Registry Editor.
Write-up by: John Canavan
Source:
Symantec
Thanks everyone. Yes, sorry about the typo, it is W32.Bobax.C. Mr. M has been trying to get it going with no luck and is ready to throw the thing out the window. He talked with our ISP but, being a man, wouldn't ask about the virus - hello, isn't that the reason he called? I've tried getting on Symantec but it was no help. Tried downloading Microsoft patch, no luck either. Will go through all your suggestions and if all else fails ----- ugh, will have to reformat I just hate losing everything because it takes forever to get it back and then some never gets back.
Thanks again. Off to work down the list of your suggestions.
Boxerblues offered EXCELLENT advice in post # 20. I have suspected my Norton at work had been 'disabled' for a few days. I had those classic emails from 'Microsoft' saying 'download this patch immediately', which always before had been flagged as a virus, but all the sudden Norton didn't show anything at all. Nor did I open them. When I tried the site mentioned in post # 20 the scan revealed I had a 'Netsky'. Norton did not catch it, nor had AdAware, nor had Spybot. Then at home this evening I tried the same scan, (which by the way is free). It found 4 trojans, all by the same name.
Previously today I could not receive any emails at home, although I knew they were there because I had sent at least one from work. (Could not get a connection to Outlook although I could get on the internet itself). Once the 4 trojans were deleted (as they could not be 'cleaned'), the emails came streaming through as usual.
It does take FOREVER to download and to scan, but it is worth the inconvenience to know how well the scan does work!
(Thanks, Boxer!!!!!!!!!!!)