GeordieJedi LXF regular

Joined: Thu Jun 14, 2007 11:36 pm Posts: 288 Location: North East England
Posted: Mon Dec 31, 2007 6:22 pm Post subject: Arrgh...Now I've gone and done it??

Hi all. Sorry to bother you, but I was having a bit of trouble and I thought I'd ask for some advice.
(Btw I'm running XP on the laptop)
I was surfing the net on the laptop when I got an alert that a trojan was trying to establish a connection.
(So I'm thinking it's already on the laptop??) Kaspersky has supposedly identified the threat and neutralised it.
However I'm now really paranoid and I have been googling the various processes from task manager
(but the different websites seem to contradict one another)
Here is a list of the more suspicious items in task manager.
csrss.exe
Isass.exe ?
PDSched.exe
smss.exe
WZQPICK.EXE
wuaclt.exe
-> MsPMSPSv.exe is an interesting one, as I googled it, got an entry that looked almost exactly the same, and got diverted to the Sophos website. I followed the instructions very carefully (and made a backup of the registry first), then looked round for the supposed file. I never found the offending file but now I'm really starting to worry.
I've run trojan remover. Done a full system scan and it says it's now clean.
So, any ideas? Any help would be VERY much appreciated. Thanks in advance

flashdangerpants LXF regular
Joined: Sat Jan 14, 2006 6:56 pm Posts: 101
Posted: Mon Dec 31, 2007 7:09 pm Post subject: RE: Arrgh...Now I've gone and done it??

Isass.exe is a virus called optix pro, but Lsass.exe is good. so try to be sure which you have there. if you have the virus then i assume you will have both processes running.
the others all look like perfectly sensible processes to me?
if you are still worried you should run hijackthis http://www.whatthetech.com/hijackthis/ and get an expert to look at the logs. i don't know where the experts are to be found though. personally i just assume my windows install is infected with crud like trojans and spyware and never use it for anything important. so i don't worry much about exactly which fleas it has.

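The Isass.exe / lsass.exe mix-up discussed in the post above relies on characters that look alike on screen. As an added example (not part of the original thread), this Python sketch folds look-alike characters and flags process names that imitate a Windows system process name, using the list typed in the first post as input. The system-name list, the folding table, the install path and the helper names are assumptions made for illustration.

```python
# Added example: flag process names that imitate Windows system processes by
# swapping look-alike characters (capital I for lowercase l, zero for o).
# SYSTEM_NAMES, FOLD and SYSTEM_DIR are illustrative assumptions, not a full list.
import ntpath

SYSTEM_NAMES = {"csrss.exe", "lsass.exe", "smss.exe",
                "services.exe", "svchost.exe", "winlogon.exe"}
SYSTEM_DIR = r"c:\windows\system32"  # assumed default install location
FOLD = str.maketrans({"i": "l", "1": "l", "0": "o"})


def skeleton(name):
    """Lowercase (Windows names ignore case), then fold look-alike characters."""
    return name.strip().lower().translate(FOLD)


SKELETONS = {skeleton(n): n for n in SYSTEM_NAMES}


def classify(name, path=None):
    """Return (verdict, system_name_or_None) for one Task Manager entry."""
    lowered = name.strip().lower()
    if lowered in SYSTEM_NAMES:
        # The right name is not proof: the real binaries live in System32.
        if path and ntpath.dirname(path).lower() != SYSTEM_DIR:
            return ("misplaced", lowered)
        return ("exact", lowered)
    target = SKELETONS.get(skeleton(name))
    if target:
        return ("lookalike", target)
    return ("unlisted", None)


# Names as typed in the first post of the thread.
POSTED = ["csrss.exe", "Isass.exe", "PDSched.exe", "smss.exe",
          "WZQPICK.EXE", "wuaclt.exe", "MsPMSPSv.exe"]


def review(names):
    """Keep only the entries whose name imitates a system process."""
    return {n: classify(n) for n in names if classify(n)[0] == "lookalike"}


if __name__ == "__main__":
    for name in POSTED:
        print(f"{name:14} {classify(name)}")
    print(classify("lsass.exe", r"C:\Temp\lsass.exe"))  # constructed path
```

An "unlisted" verdict only means the name is not on the assumed system list; it says nothing about whether the program is wanted.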
pootman LXF regular

Joined: Tue Jan 09, 2007 12:25 pm Posts: 430 Location: Scotland, North of England
Posted: Mon Dec 31, 2007 9:03 pm Post subject: Re: RE: Arrgh...Now I've gone and done it??

flashdangerpants wrote:
> the others all look like perfectly sensible processes to me?

How can you be sure without knowing what software he had running at the time?

flashdangerpants wrote:
> personally i just assume my windows install is infected with crud like trojans and spyware and never use it for anything important. so i don't worry much about exactly which fleas it has.

Oh, I see now, you're a programmer at Microsoft.
_________________
This signature has been produced using traditional writing methods on behalf of The Campaign For Real Slogans.
To enjoy this signature at its best, adjust your monitor's resolution to 1024x768.

wyliecoyoteuk LXF regular

Joined: Sun Apr 10, 2005 11:41 pm Posts: 3358 Location: Birmingham, UK
Posted: Mon Dec 31, 2007 9:27 pm Post subject: RE: Re: RE: Arrgh...Now I've gone and done it??

Sorry, but shouldn't you be asking this on a Windows site?
They are more likely to be practiced at dealing with viruses. (after all we Linux ppl don't know what they are)
_________________
The sig between the asterisks is so cool that only REALLY COOL people can even see it!
*************** ************

Marrea LXF regular

Joined: Fri Apr 08, 2005 10:32 pm Posts: 1846 Location: Chilterns, West Hertfordshire
Posted: Mon Dec 31, 2007 10:40 pm Post subject: Re: RE: Re: RE: Arrgh...Now I've gone and done it??

wyliecoyoteuk wrote:
> Sorry, but shouldn't you be asking this on a Windows site?

I was thinking the self same thing myself.

flashdangerpants LXF regular
Joined: Sat Jan 14, 2006 6:56 pm Posts: 101
Posted: Mon Dec 31, 2007 11:05 pm Post subject: Re: RE: Arrgh...Now I've gone and done it??

pootman wrote:
> flashdangerpants wrote:
>> the others all look like perfectly sensible processes to me?
>
> How can you be sure without knowing what software he had running at the time?

well one of them is roxio perfectdisk, another is windows update client, then there's winzip, and a couple of processes that are part of windows itself and shouldn't be disabled. i would say that none of those sound very suspicious.

GeordieJedi LXF regular

Joined: Thu Jun 14, 2007 11:36 pm Posts: 288 Location: North East England
Posted: Tue Jan 01, 2008 12:22 pm Post subject: RE: Re: RE: Arrgh...Now I've gone and done it??

Thank you all very much, esp flashdangerpants. Any help is much appreciated.
That's put my mind at rest a little bit...
The reason I'm eager to get this sorted is that it's not my computer, it's my brother's, and I don't want to let him down by getting the thing infected with some virus/trojan crap.
Marrea + Wyliecoyote. You're probably right, although I had already posted to a couple of forums and had received no response, so I thought I'd try here on the "Other OS" board, and hey..waddaya know. Even hardened linux fans help me out. Just goes to show.
Thanks.

flashdangerpants LXF regular
Joined: Sat Jan 14, 2006 6:56 pm Posts: 101
Posted: Tue Jan 01, 2008 1:10 pm Post subject: RE: Re: RE: Arrgh...Now I've gone and done it??

i know the feeling. i reinstalled windows for my mum, went to download firefox for it and managed to infect the bloody thing with big lumps of spyware just by mistyping the url. went from clean to infested in less than 2 minutes

ollie Moderator

Joined: Mon Jul 25, 2005 12:26 pm Posts: 2749 Location: Bathurst NSW Australia
Posted: Thu Jan 03, 2008 8:23 am Post subject: Re: RE: Re: RE: Arrgh...Now I've gone and done it??

flashdangerpants wrote:
> went from clean to infested in less than 2 minutes

My record is 53 seconds - new install infected doing Windows Update! I'm much more careful about when I plug the network cable into a PC when I'm installing Windows for clients. Now it is after I have installed and updated the AntiVirus/Internet Security software.