CSCDisk.sys Hanging + Trojan controlling desktop (challenging problem...)

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

not

Thread Starter
Joined
Apr 30, 2010
Messages
1
I've got a pretty terrible problem here and I'm not sure if they're related. I'm going to assume they're not as all of the googling I have done hasn't been connecting them, but this trojan is fairly new so that could be incorrect.

Anyway, here's the problem:

I booted up my system last night and saw this trojan: http://www.bleepingcomputer.com/virus-removal/remove-i-q-manager

It seems like a fairly straight-forward removal process for this trojan, but my case seems more complex. The trojan seems to have taken complete control of my desktop, I am unable to hit "Start" or access it in any other way that I am aware of (Ctrl + alt + delete, windows key, Ctrl + shift + Esc).

Naturally, I decided that rebooting in safe mode would be the way to kill this thing off. While booting up, my laptop hangs at cscdisk.sys forever (the longest I tested was ~15 minutes but I can't imagine it booting that file all of a sudden...). At this point I was pretty concerned, I tried the other boot options - safe mode with networking/command prompt with no success. Then, I tried to boot in Directory Services Restore Mode, this gets to cscdisk.sys and stops, attempting to restore it. After it appears to restore the file (not sure what actually happened here), I get to my log on. I log in and the trojan still has control of my machine (with safe mode written in each corner) and once again I am unable to access the start menu.

Anyone have any ideas on this one? I'm trying to solve this without re-imaging my machine. Also, I'm not totally sure where my vista disks are, but I'm going to tear my place apart later tonight looking for them and then I may try booting in safe mode from the disk after editing the BIOS to boot from there first.

Thanks for your help.
 
Joined
Apr 30, 2010
Messages
37
Okay, well try to access Task Manager.
Open up a file explorer window, and put the below path in (replace ROOT with your root drive, this is normally C:

ROOT:\Windows\System32

Now look for a file called "taskmgr", it will be an application.

Right-click this and select"Run as Administrator".

Go to the Processes tab, and try and give me a list of what you see, specify the ones you haven't seen before or are using a lot of CPU.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top