hp mini 311 running windows xp home 2002. AVG free v2011 scan shows 4 pairs of
Trojan horse Agent_r.XJ infections at files:
c:\windows\system32\wuauclt.exe (2444):\memory_001b0000
c:\windows\system32\wuauclt.exe (2444)
c:\windows\system32\svchost.exe (5428):\memory_001a0000
c:\windows\system32\svchost.exe (5428)
c:\windows\system32\csrss.exe (968):\memory_00270000
c:\windows\system32\csrss.exe (968)
c:\windows\explorer.exe (1376):\memory_001a0000
c:\windows\explorer.exe (1376)
The 4 with "memory" reference ae commented on as "Obect is inaccessible."
AVG indicates it removes/heals 4, but 4 are not removed or healed. I reboot
and run the AVG scan again and all 4 pairs are detected again. I've run mbam
and sas and they do not detect these trojans. The machine also exhibits odd
behavior. After booting up WZC is turned off and I am unable to View
Available Wireless Networks. I can restart it from services but it will
eventually get turned of again. I also intermittently lose internet access
and Windows Security Center indicates "Windows Firewall settings cannot be
displayed because the associated service is not running. Do you want to
start Windows Firewall Service Y/N?" If you choose yes windows will try to
start the service but then indicates it cannot. I've found that I can open
a cmd window and enter: netsh winsock reset. This gets my internet access
back and Windows Firewall settings can again be displayed.
Back to top
