Help! Trojan symptons, but no trojan found....

#1
XP machine, with all updates. Systemsuite 9.0 antivirus, Windows firewall.

PC working happily for many years, PC suddenly goes berserk - crash followed by crash/reboot cycle.

Stopped the crash cycle by using the OEM recovery disk to do a basic repair (but not full re installation). Now in this state:

- Windows boots - very slowly - to desktop
- No Windows bar at bottom
- No drivers loaded
- Mouse works
- Windows Explorer opens, but can't move/manipulate files
- Internet available via Firefox (but not IE, can't enter data in fields)
- some programmes work, other do not

On bootup, an error message box appears:

"HP AiO Device Object Server
Register Class Objects Failed: HRes = 0x800706BA
The RPC server is unavailable.
Maximum retry attempts exceeded"

Googling the above symptoms indicates that this is due to one of the "Blaster" trojans, although the reports tend to be 2 or 3 years old.

On the PC are already installed Spy Doctor, AdAware, Systemsuite. None of these are able to initialise for a sweep. Systemsuite is able run "registry fixer" and other tools, but these seem to have no effect on the problem.

Externally, I have downloaded onto the PC or via CD:

Windows Malware removal tool Oct '09: successful sweep, but reports no trojan/virus

Blastgui.com: successful sweep, but reports no trojan/virus

Spybot S&D: runs, but reports "can't find entry point into ... kernall..." , for nearly every malware profile. (Since there are 600k profiles to check, this is too many to sit there pressing the "cancel" button!)

Kaspersky rescue CD: runs, but seems to hang after a certain point (left it for 2 hrs, no sign of disk activity, yet it goes through full shut-down routine when cancelled)

Antivir rescue CD: successful sweep, but reports no trojan/virus.

DrWeb rescue CD: not yet tried.



So, a bit of a mystery: symptoms of a fairly old Trojan, yet it is not prevented or revealed by any current malware scanners.

Would appreciate any ideas/ or instructions in plain English. I have seen one or two web-pages where people fix this by editing about 5 pages of registry settings. Not sure I have the focus to do that accurately!

Would like to avoid a full re-install. Not only (sods law) had I "borrowed" my back-up external drive for a temporary task, but I'm not sure i can face reinstalling about six years' worth of downloads and tweaks....
 
#2
Have you tried booting up in 'Safe Mode', then re-running all trojan/malware tools? Also run your anti-spyware in 'Safe Mode'. It might work, or not. Its worth a try, but might take some time as 'Safe Mode' does tend to be a bit slow.....
 
#4
Bah, beaten to it by msr. Would definately suggest running Malwarebytes Antimalware, ive found this to be an extremely good anti-malware utility. Every time i have suggested it to people it has sorted their problem (assuming the problem is definately malware related).

If that doesn't fix the problem then I would tend to think that it isn't malware related.
 
#5
Comodo free firewall will tell you what applications and trojans are running, it also detected a trojan for me which my anti virus and spyware missed
 
#6
SepticNorman said:
Comodo free firewall will tell you what applications and trojans are running, it also detected a trojan for me which my anti virus and spyware missed
Which antivirus and spyware are you using?
 
#7
I use PC Tools spyware doctor (anti virus), and ad-aware, and have 'exterminate it' as a back up, with comodo as a fire wall.

I detected a trojan last week which was sucking the life out of my PC
 
#8
#12
#14
SepticNorman said:
msr said:
Well PC Tools is crap ( http://www.virusbtn.com/vb100/rap-index.xml ) and adaware not much better.

I would recommend you move to Avira ( http://www.free-av.com ) or Microsoft Security Essentials ( http://www.microsoft.com/Security_Essentials/ ) and Malwarebytes ( http://www.malwarebytes.org ). All of which are free ;)

msr
makes interesting reading, thanks for the advice.
Or if you like Comodo try their internet security suite (firewall and anti-virus), ive been using it for ages and find it fairly good. It has a free version (which is the one I use).

http://www.comodo.com/home/internet-security/free-internet-security.php

I still use CCleaner and Malwarebytes periodically aswell, maybe once a month or so.
 
#17
Thread starter Similar threads Forum Replies Date
BossHogg Gaming and Software 34
H Gaming and Software 8
PartTimePongo The Intelligence Cell 3

Similar threads

Latest Threads