Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop window manager is disabled after removing trojan with tdsskiller


  • Please log in to reply
5 replies to this topic

#1 cpostings

cpostings

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:13 PM

Posted 26 August 2013 - 07:19 AM

Hi, im new to the forum and hope somebody could help me. Ive recently had major problems with the Zeroaccess trojan which i think (not positive) I have removed. However since running Kaspersky Tdsskiller my Aero function wont work, the trouble shooter says themes service isnt running and desktop window manager is disabled, and i got an error message saying themeservice.dll is missing. I have tried all kinds of things suggested on forums, such as the troubleshooter, restarting the DWM session manager through services.msc and through the command prompt net stop uxsms / net start uxsms. Any ideas? Would be greatly appreciated.

 



BC AdBot (Login to Remove)

 


#2 sikntired

sikntired

  • Members
  • 946 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:13 PM

Posted 26 August 2013 - 10:16 AM

It's very possible there may be remnants left of the infection if your attempts failed to remove entirely. This could be a very distinct possibility.

 

However if you were to proceed with the thought your system in infection-free I would have to suspect a driver issue. And since your Aero function is not working properly I would look to the Aero troubleshooter which apparently you have.

 

With that in mind get the latest driver for your graphics card from the Manufacturer's website and download the one that is applicable and download and install and see if that solves the problem.

 

Check your Manufacturer's details from DirectX Diagnostic Tool.

 

Open the Direct X Diagnostic Tool. To do this, click Start, type dxdiag in the Start Search box, and then click dxdiag.exe in the Programs list.

 

Click the Display tab. Under Device, look for Name and Manufacturer then exit.

 

ZeroAccess is a very serious infection and would advise asking for assistance from our Malware Response Team if the above does not help.

 

Good Luck

 

Regards............



#3 cpostings

cpostings
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:13 PM

Posted 26 August 2013 - 12:45 PM

Hi, thanks for the reply. Yes i think there may be some remnants of it left on the system, i just dont know how i would go about removing them.

 

I took your advice and ran dxdiag to find the graphics card driver, went to AMD website and downloaded the program for updating them, but after it had run through its process said that graphics and audio drivers had failed. 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:13 PM

Posted 26 August 2013 - 08:08 PM

Hello would you post the TDSS log, a detailed log written to the file called report.txt. This report will be created in the same folder that TDSSKiller resides in.TDSSKiller.exe -l report.txt


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 cpostings

cpostings
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:13 PM

Posted 27 August 2013 - 11:09 AM

Hi, does it have to be the exact report from when I discovered the problem, because that was about a week ago, and having thought I had fixed it I removed the tools I had used. Or can it be a fresh report that I will run now? 



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:13 PM

Posted 27 August 2013 - 07:50 PM

I was just interested in what was found certain infections need specific removal.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users