Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Urgent - Possible Trojans In Startup/task Manager


  • Please log in to reply
2 replies to this topic

#1 Whitesugar

Whitesugar

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 07 July 2006 - 06:15 PM

Dear Forum Members,
This morning I went to turn on my PC and noticed that it was slightly slow, but otherwise fine. After turning it off to go out for an errand I came back to notice it took ages to boot into the desktop. The Dell and Windows XP loading screens ran by fine- just as usual or to be expected. But then my desktop comes to view, and the wallpaper is the only thing that's shown. The mouse is there, but there are no: taskbars, icons, programs loading besides the default explorer/windows system files in the msconfig, etc.

After roughly 10 or so minutes, I can finally access my desktop.

ZoneAlarm will not even boot up. It does not give an error, it just won't boot. Period. VSMON keeps flashing on and off in the Startup/Task Manager.
I tried to manually open it, and it won't. It's just like I never tried to execute it at all.

AVG will not boot it's Control Center, but can be accessed by manually clicking the icon to execute it.
It displays the Email Scanner as nonfunctional and it cannot be turned on. Icon is grey in quickstart/taskbar.

Nothing else will show up.

My DSL connection says it's completely disabled by the ISP/Networking Icon that has suddenly shown up in the taskbar. When I go to click "repair", it gives me an error and states my IP address is non-valid and shows as 0.0.0.0.0 etc.

But the router is fine and so is the modem, the connection is technically on. It is routed to another computer, which is the one I'm accessing the internet right now, and everything is fine.

Some odd things have appeared in my Task Manager when I hit CTRL + ALT + DEL that was not there before.

SMSS.exe
CSRSS.exe
LSASS.exe
WDFMGR.exe

What are these?.

I ran spyware/malware/adware programs such as: Lavasoft, Spybot, a2 square.
And have done: AVG Virus Scan

The only problem is that because the internet connection is not working, I cannot update any of them and Microsoft Update won't run because of the same problem.

What should I do?. I'm in panic mode. I cleaned my computer by running Disk Cleaner and have even cleaned files that I no longer need-- including uninstalling old programs I no longer use.

To be honest, I have not completely followed all directions regarding cleaning of my Root directory etc, as I feel because these unknown programs have popped up in my Task Manager I want to be sure they aren't Trojans. Bleepingcomputer's startup list has reported them as Trojans, and I want to confirm if they are and how to remove them.

Thanks for any help.

BC AdBot (Login to Remove)

 


#2 ThorXP

ThorXP

  • Banned
  • 880 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 07 July 2006 - 06:23 PM

I suggest you post a HijackThis log for examination.
A member of the HijackThis Team will walk you through, step by step, how to disinfect your computer.
Once you post your log, don't make any changes to your system, as that could change the results of the posted log, making it difficult to properly clean your system.

Read Preparation Guide for use before posting a HijackThis Log.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Please read, and follow, all directions carefully!!!

Then, run a log, and post it in the HijackThis forum, at this link below.
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/ Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, as these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.

#3 Whitesugar

Whitesugar
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:14 AM

Posted 07 July 2006 - 07:24 PM

Minor problem. Because I can't even access our shared folder, how would
I go around getting a Hijack Log off of it?. I'll see if burning a CD with the file
works, as this computer unfortunately lacks a floppydisk.

Thanks for the suggestion, I'll try and follow!.


Edit: Thankfully, it worked after awhile. Posted in Hijack This! Log forum.

Edited by Whitesugar, 07 July 2006 - 09:41 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users