LSA Shell & Infected, embedded Trojan horse Dropper.Agent...
Last response: in Windows XP
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
I am trying to clean up a lady's computer - I've gone through a whole bunch
of tests: online scans, Sysclean, AVG, AdAware, SpyBot, etc. Gotten rid of
most infected files, but AVG still shows one that I'm not sure how to get rid
of.
On the report, it says that it is an Infected, embedded object. It is a
Trojan horse Dropper.Agent.6.W and is found in file:
C:\WINDOWS\system32\config\systemprofile\LocalSettings\TemporaryInternetFiles\Content.IE5\8D69EN49\flew[1].exe:\dreese.exe.
Help! I've tried looking on AVG virus search, on Google etc. Can't seem to
find out how to get rid of it. I tried Disk Cleanup and downloaded the
CleanUp!4.0 program to get rid of Temp.Int.Files, but it still shows up in
AVG test report.
Also, occassionally, an error message shows up. I was not sure if it was
from a virus, so I've been concentrating on cleaning up the infections. The
box will pop up: LSA Shell (Export Version) as a title and will say that the
lsass.exe was terminated unexpectedly. Shortly after that, the System
Shutdown box will pop up and give me about a minute before shutting down. It
says, along with closing and saving any open files, etc, authorized by NT
AUTHORITY\SYSTEM. Is this due to viruses, or is there more of a problem with
Windows XP?? I'm pretty sure this is only happening when I'm trying to
download stuff. I have not had a chance to do any Windows Updates yet on
this computer.
I would like to return this computer to this lady uninfected, so any ideas
are greatly appreciated.
Running SpyBot, I get "Error during check" notice and underneath - Xuron55
.... WINDOWS\win.ini kann nicht geoffnet werden but when I hit Fix Selected
Problems, that ends up with a big green check, also. Any ideas??
--
Barb Zakrzewski
I am trying to clean up a lady's computer - I've gone through a whole bunch
of tests: online scans, Sysclean, AVG, AdAware, SpyBot, etc. Gotten rid of
most infected files, but AVG still shows one that I'm not sure how to get rid
of.
On the report, it says that it is an Infected, embedded object. It is a
Trojan horse Dropper.Agent.6.W and is found in file:
C:\WINDOWS\system32\config\systemprofile\LocalSettings\TemporaryInternetFiles\Content.IE5\8D69EN49\flew[1].exe:\dreese.exe.
Help! I've tried looking on AVG virus search, on Google etc. Can't seem to
find out how to get rid of it. I tried Disk Cleanup and downloaded the
CleanUp!4.0 program to get rid of Temp.Int.Files, but it still shows up in
AVG test report.
Also, occassionally, an error message shows up. I was not sure if it was
from a virus, so I've been concentrating on cleaning up the infections. The
box will pop up: LSA Shell (Export Version) as a title and will say that the
lsass.exe was terminated unexpectedly. Shortly after that, the System
Shutdown box will pop up and give me about a minute before shutting down. It
says, along with closing and saving any open files, etc, authorized by NT
AUTHORITY\SYSTEM. Is this due to viruses, or is there more of a problem with
Windows XP?? I'm pretty sure this is only happening when I'm trying to
download stuff. I have not had a chance to do any Windows Updates yet on
this computer.
I would like to return this computer to this lady uninfected, so any ideas
are greatly appreciated.
Running SpyBot, I get "Error during check" notice and underneath - Xuron55
.... WINDOWS\win.ini kann nicht geoffnet werden but when I hit Fix Selected
Problems, that ends up with a big green check, also. Any ideas??
--
Barb Zakrzewski
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
can't help you with a solve.
* but there's some talk about the Trojan on another site.
If you ask there, they may be able to help you out. seems friendly enough,
over there. =
http://www.geekstogo.com/forum/Ceres_and_Popup_problems...
* some further software to try
stinger, free McAfee standalone last-ditch scanner.
http://vil.nai.com/vil/stinger/
spyware doctor, is a spy/malware scanner that has been getting very good
reviews. there's a free version of it. main drawback of it, is that you'll
have to manually update. https://www.pctools.com/spyware-doctor/
"Barbara Z" wrote:
> I am trying to clean up a lady's computer - I've gone through a whole bunch
> of tests: online scans, Sysclean, AVG, AdAware, SpyBot, etc. Gotten rid of
> most infected files, but AVG still shows one that I'm not sure how to get rid
> of.
> On the report, it says that it is an Infected, embedded object. It is a
> Trojan horse Dropper.Agent.6.W and is found in file:
> C:\WINDOWS\system32\config\systemprofile\LocalSettings\TemporaryInternetFiles\Content.IE5\8D69EN49\flew[1].exe:\dreese.exe.
> Help! I've tried looking on AVG virus search, on Google etc. Can't seem to
> find out how to get rid of it. I tried Disk Cleanup and downloaded the
> CleanUp!4.0 program to get rid of Temp.Int.Files, but it still shows up in
> AVG test report.
>
> Also, occassionally, an error message shows up. I was not sure if it was
> from a virus, so I've been concentrating on cleaning up the infections. The
> box will pop up: LSA Shell (Export Version) as a title and will say that the
> lsass.exe was terminated unexpectedly. Shortly after that, the System
> Shutdown box will pop up and give me about a minute before shutting down. It
> says, along with closing and saving any open files, etc, authorized by NT
> AUTHORITY\SYSTEM. Is this due to viruses, or is there more of a problem with
> Windows XP?? I'm pretty sure this is only happening when I'm trying to
> download stuff. I have not had a chance to do any Windows Updates yet on
> this computer.
> I would like to return this computer to this lady uninfected, so any ideas
> are greatly appreciated.
>
> Running SpyBot, I get "Error during check" notice and underneath - Xuron55
> ... WINDOWS\win.ini kann nicht geoffnet werden but when I hit Fix Selected
> Problems, that ends up with a big green check, also. Any ideas??
> --
> Barb Zakrzewski
can't help you with a solve.
* but there's some talk about the Trojan on another site.
If you ask there, they may be able to help you out. seems friendly enough,
over there. =
http://www.geekstogo.com/forum/Ceres_and_Popup_problems...
* some further software to try
stinger, free McAfee standalone last-ditch scanner.
http://vil.nai.com/vil/stinger/
spyware doctor, is a spy/malware scanner that has been getting very good
reviews. there's a free version of it. main drawback of it, is that you'll
have to manually update. https://www.pctools.com/spyware-doctor/
"Barbara Z" wrote:
> I am trying to clean up a lady's computer - I've gone through a whole bunch
> of tests: online scans, Sysclean, AVG, AdAware, SpyBot, etc. Gotten rid of
> most infected files, but AVG still shows one that I'm not sure how to get rid
> of.
> On the report, it says that it is an Infected, embedded object. It is a
> Trojan horse Dropper.Agent.6.W and is found in file:
> C:\WINDOWS\system32\config\systemprofile\LocalSettings\TemporaryInternetFiles\Content.IE5\8D69EN49\flew[1].exe:\dreese.exe.
> Help! I've tried looking on AVG virus search, on Google etc. Can't seem to
> find out how to get rid of it. I tried Disk Cleanup and downloaded the
> CleanUp!4.0 program to get rid of Temp.Int.Files, but it still shows up in
> AVG test report.
>
> Also, occassionally, an error message shows up. I was not sure if it was
> from a virus, so I've been concentrating on cleaning up the infections. The
> box will pop up: LSA Shell (Export Version) as a title and will say that the
> lsass.exe was terminated unexpectedly. Shortly after that, the System
> Shutdown box will pop up and give me about a minute before shutting down. It
> says, along with closing and saving any open files, etc, authorized by NT
> AUTHORITY\SYSTEM. Is this due to viruses, or is there more of a problem with
> Windows XP?? I'm pretty sure this is only happening when I'm trying to
> download stuff. I have not had a chance to do any Windows Updates yet on
> this computer.
> I would like to return this computer to this lady uninfected, so any ideas
> are greatly appreciated.
>
> Running SpyBot, I get "Error during check" notice and underneath - Xuron55
> ... WINDOWS\win.ini kann nicht geoffnet werden but when I hit Fix Selected
> Problems, that ends up with a big green check, also. Any ideas??
> --
> Barb Zakrzewski
Related ressources:
- ForumLSA Shell (Export Version) has encountered a problem
- ForumLSA SHELL (export version)
- ForumNew PC Sudden Drop in FPS
- ForumSudden Drop in FPS NEW PC
- ForumPassword not accepted in Task Scheduler
- ForumRecovery Console not responding
- ForumAll kinds of basic issues after a format & fresh install
- ForumCan not get / use IP-adresses
- Forumvirus or not?!?
- Forumwinlogon:userinit
- Forumlsass.exe system error
- Forumerror message
- ForumCan I trust it
- Forumscheduled task
- Forumcontrol userpasswords2
- Forumcomputer shuts down while on the internet?
- ForumPCMCIA slots need more power??? HELP!
- ForumHOMEPATH not available in runas shell
- ForumInfected folder cannot be removed
- ForumA trojan or something , whse
- More resources
Read discussions in other Windows XP categories
!
