Infected with a trojan but virus software doesn't pick it up

[NightCrawler]

AVG doesn't detect that I'm infected with trojan, userinit.exe is taking over any attempt to access the internet. No program will work unless I give userinit.exe access.

Bloody crappy software :disgust:

 

[Mem]

WinTasks Process Library



userinit - userinit.exe - Process Information
Process File: userinit or userinit.exe
Process Name: UserInit Process
Description: Used to run programm before shell starts.It runs logon scripts, reestablishes network connections and starts the Shell.
Company: Microsoft Corp.
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A

Link.

If you are still worried download


A2 Free anti-trojan software.

 

[NightCrawler]

It happened agian, it wants to be the parent of whatever app tries to access the net.

Something is not right ?

 

[ntrights]

Originally posted by: NightCrawler
It happened agian, it wants to be the parent of whatever app tries to access the net.

Something is not right ?

tighten IE's security Custom Level button for internet. it wont get rid of any trojans but could help preventing from getting one.
Edit: Browser test!

 

[Nemmeh]

boot into safe mode and try and get rid of it.

 

[NogginBoink]

Please tell us what the real symptoms are.

You probably DON'T have a trojan. Userinit is a very key piece of the operating system software. Exactly what problems are you having and what are the exact error messages?

 

[NightCrawler]

Originally posted by: NogginBoink
Please tell us what the real symptoms are.

You probably DON'T have a trojan. Userinit is a very key piece of the operating system software. Exactly what problems are you having and what are the exact error messages?

You are correct there, if I block it completely I can't even access the local network. Just have to write a rule for it that it can only access my local network and DNS.

 

[Slickone]

Originally posted by: ntrights tighten IE's security Custom Level button for internet. it wont get rid of any trojans but could help preventing from getting one.
Edit: Browser test!

Or dont use IE.

 

[AndrewPaulNet]

Norton AV 2003 and 2004 are on http://www.pricewatch.com for like 20 bucks, even less. I'd SERIOUSLY suggest you get your hands on a copy.....

Your problem sounds very familiar, but it was another filename. Don't remember the details, I DO remember that it was a name VERY CLOSE to system software. It was some program that had set itself up, and set itself to run on win xp startup that would proceed to hijack the net' connection. It was difficult to recognize because I couldn't spot anything out of the ordinary running....it was so good that it was running right beside the REAL filename and it was still difficult to spot.

My problem however was as simple as deleting the original exe and the one it made. Norton 2k4 picked it up. To be noted - the virus wasn't on my PC, it was on a friend who was running Mcafee. All I did was uninstall Mcafee, put N2K4 on the person's machine and then run it. It found the culprit, then all I had to do was delete the directory in safe mode.

 

[Smilin]

If userinit needs system access and your systemidle process keeps taking over the cpu, you're definately infected!!!!



Seriously, userinit is somewhat of a bitch to infect. You might check to see if some mysterious second copy of it is running though.

 

[imported_Phil]

AndrewPaulNet: You're talking about that virus that masqueraded as "scvhost" instead of the real "svchost". The name escapes me, but it's a PITA