Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Re: Trojan Agent TDSS

Reply
Thread Tools

Re: Trojan Agent TDSS

 
 
Tommy McClure
Guest
Posts: n/a
 
      10-23-2008

Pavlov wrote:
> Windows XP Pro SP2
>
> I had my firewall off because of an email problem and Trojan Agent got
> me. I can only run in Safe Mode. Malwarebytes run in Safe Mode or
> Administrator says it gets rid of it but on reboot I'm still in Safe
> Mode. What program will get rid of this.
>
> Thanks
>
> Registry Key HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
> NT\CurrentVersion\tdssdata
> Registry KeyHKEY_LOCAL_MACHINE\SOFTWARE\tdss
> File C:\WINDOWS\system32
> Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
> NT\CurrentVersion\Winlogon\Userinit data:c:\windows\system32
> Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
> NT\CurrentVersion\Winlogon\Userinit data:system32
>
> Malwarebytes' Anti-Malware 1.29
> Database version: 1289
> Windows 5.1.2600 Service Pack 2
>
> 10/23/2008 6:11:52 AM
> mbam-log-2008-10-23 (06-11-52).txt
>
> Scan type: Full Scan (C:\|D:\|E:\|F:\|)
> Objects scanned: 210810
> Time elapsed: 1 hour(s), 8 minute(s), 47 second(s)
>
> Memory Processes Infected: 0
> Memory Modules Infected: 0
> Registry Keys Infected: 2
> Registry Values Infected: 0
> Registry Data Items Infected: 2
> Folders Infected: 0
> Files Infected: 1
>
> Memory Processes Infected:
> (No malicious items detected)
>
> Memory Modules Infected:
> (No malicious items detected)


http://www.computerhope.com/issues/chsafe.htm
once you see the menu, select "Start Windows Normally"


 
Reply With Quote
 
 
 
 
Tommy McClure
Guest
Posts: n/a
 
      10-23-2008

Pavlov wrote:
> On Thu, 23 Oct 2008 09:17:00 -0500, "Tommy McClure"
> <tmDELccDEL72AThalDASHpcDOTorg> wrote:
>
>>
>>Pavlov wrote:
>>> Windows XP Pro SP2
>>>
>>> I had my firewall off because of an email problem and Trojan Agent
>>> got me. I can only run in Safe Mode. Malwarebytes run in Safe Mode
>>> or Administrator says it gets rid of it but on reboot I'm still in
>>> Safe Mode. What program will get rid of this.
>>>
>>> Thanks
>>>
>>> Registry Key HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
>>> NT\CurrentVersion\tdssdata
>>> Registry KeyHKEY_LOCAL_MACHINE\SOFTWARE\tdss
>>> File C:\WINDOWS\system32
>>> Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
>>> NT\CurrentVersion\Winlogon\Userinit data:c:\windows\system32
>>> Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
>>> NT\CurrentVersion\Winlogon\Userinit data:system32
>>>
>>> Malwarebytes' Anti-Malware 1.29
>>> Database version: 1289
>>> Windows 5.1.2600 Service Pack 2
>>>
>>> 10/23/2008 6:11:52 AM
>>> mbam-log-2008-10-23 (06-11-52).txt
>>>
>>> Scan type: Full Scan (C:\|D:\|E:\|F:\|)
>>> Objects scanned: 210810
>>> Time elapsed: 1 hour(s), 8 minute(s), 47 second(s)
>>>
>>> Memory Processes Infected: 0
>>> Memory Modules Infected: 0
>>> Registry Keys Infected: 2
>>> Registry Values Infected: 0
>>> Registry Data Items Infected: 2
>>> Folders Infected: 0
>>> Files Infected: 1
>>>
>>> Memory Processes Infected:
>>> (No malicious items detected)
>>>
>>> Memory Modules Infected:
>>> (No malicious items detected)

>>
>>http://www.computerhope.com/issues/chsafe.htm
>>once you see the menu, select "Start Windows Normally"
>>

> If you select that it reboots back to the same screen. It will only
> boot to Safe Mode, Safe Mode with Networking or Command Prompt.



did you try cold booting? leave off for minute or so?

might try Superantispyware too
http://www.superantispyware.com/



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Removing Trojan TDSS.sys or TidServ backdoor dfinc Cisco 2 08-06-2009 04:03 AM
TDSS Trojan Scott269 Computer Support 2 11-01-2008 05:55 PM
Re: Trojan Agent TDSS Tommy McClure Computer Support 0 10-23-2008 08:56 PM
Re: Trojan Agent TDSS Pennywise@DerryMaine.Gov Computer Support 0 10-23-2008 06:15 PM
Dhcp Relay Agent And Acl On Sw 3750, DHCP Relay Agent and ACL on Sw 3750 Vimokh Cisco 3 09-06-2006 02:16 AM



Advertisments