Paging all computer savvy guys!

GlennCMC70
01-09-2014, 03:27 PM
Looks like I got a virus on my home PC. Posting this in Safe Mode right now.

When the machine boots and the Windows (XP) desktop is up and loaded, it starts opening what appears to be a DOS prompt. It keeps opening them and opening them continuously as fast as the CPU can process it. It keeps doing this so much so that I can't do anything.

In the blue/green bar at the top of the window it has:
C:\Documents and Settings\Owner\Application Data\Microsoft\ogorqmm\ogorqmm.exe

Google turns up zero results for "ogorqmm virus".

Anyone know what this virus is called and possibly how to fix it? I need a few more weeks out of this computer, then I'm formatting the hard drive.

blk96gt
01-09-2014, 03:56 PM
If you're in safe mode first try to delete that file. Then go to Start Menu->Run... and type in msconfig. Go to the startup tab and look for ogorqmm.exe; if it's there, uncheck it. If you try to delete the file and it says it can't because it's in use, then do the msconfig process, reboot, and then try to delete it.

GlennCMC70
01-09-2014, 04:09 PM
If you're in safe mode first try to delete that file. Then go to Start Menu->Run... and type in msconfig. Go to the startup tab and look for ogorqmm.exe; if it's there, uncheck it. If you try to delete the file and it says it can't because it's in use, then do the msconfig process, reboot, and then try to delete it.
I can't get past the msconfig. Once I hit enter, it does nothing.

Casey_SS
01-09-2014, 06:02 PM
Try this:
http://www.bleepingcomputer.com/download/emsisoft-emergency-kit/

I've personally used it with success in a very similar scenario.

GlennCMC70
01-09-2014, 06:59 PM
If you're in safe mode first try to delete that file. Then go to Start Menu->Run... and type in msconfig. Go to the startup tab and look for ogorqmm.exe; if it's there, uncheck it. If you try to delete the file and it says it can't because it's in use, then do the msconfig process, reboot, and then try to delete it.

Ok, got there and there are 100's of them listed there.

BlueFirePony
01-09-2014, 08:56 PM
It's a basic fork "bomb". The virus may be wired to rename itself if you only delete the file.

You can try to use anti-virus scanners like the one that Casey mentioned (or use Trend Micro housecall or their desktop software - which is what I used on all our computers and phones).

If those don't work or you want to do it manually (not for the faint of heart - but a good f' you to the virus maker) here is a general approach I use - if any of the following makes you nervous, don't try it and pay someone to fix it.

This one sounds basic so there may be a single chain (registry -> file -> process) - the trick is to remove the registry entries and process (and its dependencies) from memory and then kill the file(s).
Boot to safe mode - should not need network so go without.

Open Task manager and get a list of all processes in play - I'm familiar with what is on my computers and I still make a list...if it tries to spawn itself while you are "operating" you will need to know it.
You will need to use regedit to remove registry entries in HKEY_LOCAL_MACHINE->SOFTWARE and HKEY_CURRENT_USER - search for the exe name (though if you've tried to manually delete it first, it may have renamed itself). If there is an entry in Startup, start with that first and watch Task Manager to see if any activity on the virus or any new processes pop up. Remove all entries.

Now use Task Manager and kill the process (ogorqmm.exe or whatever) - find it in the Task Manager process list (you may have to "Show processes from all users") and its dependencies by left clicking on the process and selecting End Process Tree.
Then, remove the actual file(s).

If the virus infects a system file or a file used by other applications then it's a bit tougher of a deal - :/
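
A read-only survey of the same three places the post above walks through (Run registry keys, the Startup folder, running processes). This is added PowerShell, not BlueFirePony's commands from the thread; the "suspect" path pattern (Application Data, AppData, the recycle bin) is my assumption based on where the ogorqmm.exe entry in this thread lived, and the script lists rather than deletes so you can compare against the list of known processes the post tells you to make first.

```powershell
# Added example (not from the thread). Lists autostart entries and running processes
# whose command/image path points into a per-user data or recycle-bin location,
# the kind of path the ogorqmm.exe entry used. Read-only: it deletes nothing.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumed pattern: "Application Data" is the XP folder name, "AppData\..." the later one,
# RECYCLER is the XP recycle bin (the thread notes the sample also ran from there).
$suspectPattern = 'Application Data|AppData\\Roaming|AppData\\Local|RECYCLER|\$Recycle\.Bin'

foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        # Get-ItemProperty adds PSPath/PSParentPath/... metadata; those are not autostart values
        if ($p.Name -like 'PS*') { continue }
        $flag = if ("$($p.Value)" -match $suspectPattern) { 'SUSPECT' } else { 'ok' }
        '{0,-8} {1}\{2} = {3}' -f $flag, $key, $p.Name, $p.Value
    }
}

# Startup folders: anything here (shortcut or exe) is run at logon for that user / all users
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)
foreach ($d in $startupDirs) {
    if (Test-Path $d) {
        Get-ChildItem -Path $d -Force | ForEach-Object { "STARTUP  $($_.FullName)" }
    }
}

# Running processes whose image lives in a suspect path (the "watch Task Manager" step);
# Path is empty for processes you are not allowed to inspect, so those are simply skipped.
Get-Process | Where-Object { $_.Path -and ($_.Path -match $suspectPattern) } |
    Select-Object Id, ProcessName, Path | Format-Table -AutoSize
```

Run it from an elevated prompt in safe mode so the HKLM keys and other users' processes are readable; compare the SUSPECT lines against the process list you wrote down before starting.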

ShadowBolt
01-09-2014, 09:11 PM
I was going to suggest the same thing.
That is exactly how I would do it.

JJ

Trublu
01-09-2014, 10:00 PM
I was going to suggest the same thing.
That is exactly how I would do it.

JJ
I'm with Jerry, I use size 10s when I reboot though

GlennCMC70
01-09-2014, 10:12 PM
Out of safe mode now. Had to dig and find the folder it all was stored from. Seemed to run from the trash bin too. I'm a complete "user" and could not have fixed it w/out the help from you guys.
Thanks.