I've got a trojan elephant! Help! - Mischel Internet Security Forum

Jobs | About | Blog | Contact

Download TrojanHunter Now
Free 30-day trial!

Latest TrojanHunter Version:
TrojanHunter 5.0

Order Now
License file delivered within minutes.

Welcome, Guest. Please Login or Register.

Aug 28^th, 2008, 1:55pm

   Mischel Internet Security Forum
   Malware
   Trojans (Moderators: Helena, Gavin_Coe, Magnus)
   I've got a trojan elephant! Help!

« Previous topic | Next topic »

Pages: 1

Notify of replies

Send Topic

Author

Topic: I've got a trojan elephant! Help! (Read 443 times)

nick_mallory
Newbie

Posts: 7

I've got a trojan elephant! Help!
« on: May 21^st, 2008, 1:06am »

Quote

Modify

Hi,

My computer has some serious issues which are being caused, I think, by a trojan which is refusing to let me fix them.

I opened a file which I obviously shouldn't have.

Yesterday my browser refused to let search engines work.

Then a host of rundll32.exe errors appeared regarding applications.

Then the desktop icons and start button disappeared.

If I try to start in safe mode I get "userinit.exe- Application error"
"The application failed to initialize properly (0xc0000005) Click on OK to terminate the application" which prevents me from logging on as an administrator e.g. at all.

I have downloaded combo fix, hijack this, your own anti trojan trial (which I'll buy if this fixes it!) and Kaspersky onto a flash drive but obviously can't load them onto the stricken computer and use them at the moment.

The sick computer has Norton 360 on it, which is, of course, completely useless at the best of times.

Is there any way to load combo fix etc onto the computer to run them?

Any help would be gratefully received!!

Thanks.

IP Logged

nick_mallory
Newbie

Posts: 7

Re: I've got a trojan elephant! Help!
« Reply #1 on: May 21^st, 2008, 1:16am »

Quote

Modify

A little extra info.

I can open Windows Task Manager and attempt to run a new task (e.g. an earlier download of Combofix) but then the rundll32.exe error pops up again followed by a cmd.exe - application error.

IP Logged

siliconman01
Global Moderator

Trojans! Chew 'em Up, Spit 'em Out...

Gender: male

Posts: 5594

Re: I've got a trojan elephant! Help!
« Reply #2 on: May 21^st, 2008, 1:26am »

Quote

Modify

Welcome to the forum nick_mallory Cheesy

Sorry that your computer is sick.

Can you run System Restore using a restore point prior to the start of this problem?

Also, please check the registry key below:

Go to Start/Run/Regedit and navigate to this key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.

In the right pane under Userinit, Change the key to read:
C:\Windows\System32\Userinit.exe,

(Note: The comma after the Userinit.exe, is needed. )

IP Logged

______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!

nick_mallory
Newbie

Posts: 7

Re: I've got a trojan elephant! Help!
« Reply #3 on: May 21^st, 2008, 1:39am »

Quote

Modify

Thanks for your reply!

I did as you said, going through the task manager rather than the disappeared start menu. The entry under Userinit said 'WINDOWS' rather than 'Windows' and 'system' rather than 'System' but was otherwise the same, down to the last comma, so I changed the capitalisation. I'll see if this makes any difference.

Thanks again.

IP Logged

nick_mallory
Newbie

Posts: 7

Re: I've got a trojan elephant! Help!
« Reply #4 on: May 21^st, 2008, 1:45am »

Quote

Modify

Unfortunately i got the same Userinit.exe error when trying to run from safe mode. Is it possible to get to the system restore point through the Windows Task Manager as that's all that is working at the moment.

Thanks again.

IP Logged

siliconman01
Global Moderator

Trojans! Chew 'em Up, Spit 'em Out...

Gender: male

Posts: 5594

Re: I've got a trojan elephant! Help!
« Reply #5 on: May 21^st, 2008, 1:59am »

Quote

Modify

Quote:

Is it possible to get to the system restore point through the Windows Task Manager as that's all that is working at the moment.

Not that I am aware of.

I am assuming that you cannot log on into an Administrator account while booting into Normal Mode either.

If you go to START>PROGRAMS>Accessories>System Tools, is there a System Restore icon to initiate System Restore. If so, try it.

IP Logged

______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!

nick_mallory
Newbie

Posts: 7

Re: I've got a trojan elephant! Help!
« Reply #6 on: May 21^st, 2008, 2:09am »

Quote

Modify

Hi

My problem is that I have no 'start' button. If I turn the computer on normally, there is just the desktop photograph I have as wallpaper. There's no start button, no tool bar, no icons, no nothing. The same Userinit error comes up. I can't right click or left click anything. If I start it up in safe mode I essentially get a black screen, again with no start button or anything else to play with.

It's a tad annoying but I appreciate your help!

IP Logged

siliconman01
Global Moderator

Trojans! Chew 'em Up, Spit 'em Out...

Gender: male

Posts: 5594

Re: I've got a trojan elephant! Help!
« Reply #7 on: May 21^st, 2008, 2:30am »

Quote

Modify

It sounds like you need to do a repair installation of XP. Do you have CD of your XP? You would need to change BIOS to boot off that CD. The link below by MS provides info on the re-installation.

http://support.microsoft.com/kb/315341

Method 2 should get you back into service.

IP Logged

______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!

nick_mallory
Newbie

Posts: 7

Re: I've got a trojan elephant! Help!
« Reply #8 on: May 21^st, 2008, 3:33am »

Quote

Modify

Hi,

I managed to get the desktop back by finding the HP system restore folder (it's an HP computer) and using that.

A host of those rundll.exe errors came up, but I got the start menu back and was able to get to the system restore point.

Unfortunately that didn't work either! The computer said it was unable to restore to the last known good configuration and it won't let me access points in the past.

I have a removable flash drive with your TrojanHunter programme on it, so I installed it on the flash drive itself, rather than the hard disc, and am running it now.

It has so far found one trojan C:\nat\regfinder.exe (Generic.PolyCrypt)

I don't know if that was the source of the problem but I can access google through the browser now so things are looking up.

IP Logged

nick_mallory
Newbie

Posts: 7

Re: I've got a trojan elephant! Help!
« Reply #9 on: May 21^st, 2008, 4:42am »

Quote

Modify

Running spybot search and destroy I found 2 entries for Virtumonde and another in the Microsoft Windows System. I'll remove these as well.

I'll run the online Kaspersky check as well afterwards.

The rundll32.exe problem remains for combofix, so presumably whatever malware I had screwed that up. Is there anyway to reinstall that? I don't have a back up windows xp disc, the (entirely kosher) software was preinstalled.

Thanks again for your help and your product, which I will certainly buy and recommend to all.

IP Logged

siliconman01
Global Moderator

Trojans! Chew 'em Up, Spit 'em Out...

Gender: male

Posts: 5594

Re: I've got a trojan elephant! Help!
« Reply #10 on: May 21^st, 2008, 6:50am »

Quote

Modify

I recommend that you download/install SuperAntiSpyware (the free version) and run it too....in SAFE MODE if you can.

Be sure to download its latest definitions.

http://www.superantispyware.com

This may get you to the point that you can run Combofix.

If you can download/install Hijackthis, please post a HJT scan log for examination.

http://www.misec.net/forum/board/FAQ/1163329424

« Last Edit: May 21^st, 2008, 6:53am by siliconman01 »

IP Logged

______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!

Pages: 1

Notify of replies

Send Topic


« Previous topic \| Next topic »

Search

Members

Login

Register