Re: Trojan Agent TDSS

Discussion in 'Computer Support' started by Tommy McClure, Oct 23, 2008.

  1. Pavlov wrote:
    > Windows XP Pro SP2
    >
    > I had my firewall off because of an email problem and Trojan Agent got
    > me. I can only run in Safe Mode. Malwarebytes run in Safe Mode or
    > Administrator says it gets rid of it but on reboot I'm still in Safe
    > Mode. What program will get rid of this.
    >
    > Thanks
    >
    > Registry Key HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
    > NT\CurrentVersion\tdssdata
    > Registry KeyHKEY_LOCAL_MACHINE\SOFTWARE\tdss
    > File C:\WINDOWS\system32
    > Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
    > NT\CurrentVersion\Winlogon\Userinit data:c:\windows\system32
    > Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
    > NT\CurrentVersion\Winlogon\Userinit data:system32
    >
    > Malwarebytes' Anti-Malware 1.29
    > Database version: 1289
    > Windows 5.1.2600 Service Pack 2
    >
    > 10/23/2008 6:11:52 AM
    > mbam-log-2008-10-23 (06-11-52).txt
    >
    > Scan type: Full Scan (C:\|D:\|E:\|F:\|)
    > Objects scanned: 210810
    > Time elapsed: 1 hour(s), 8 minute(s), 47 second(s)
    >
    > Memory Processes Infected: 0
    > Memory Modules Infected: 0
    > Registry Keys Infected: 2
    > Registry Values Infected: 0
    > Registry Data Items Infected: 2
    > Folders Infected: 0
    > Files Infected: 1
    >
    > Memory Processes Infected:
    > (No malicious items detected)
    >
    > Memory Modules Infected:
    > (No malicious items detected)


    http://www.computerhope.com/issues/chsafe.htm
    once you see the menu, select "Start Windows Normally"
     
    Tommy McClure, Oct 23, 2008
    #1
    1. Advertising

  2. Pavlov wrote:
    > On Thu, 23 Oct 2008 09:17:00 -0500, "Tommy McClure"
    > <tmDELccDEL72AThalDASHpcDOTorg> wrote:
    >
    >>
    >>Pavlov wrote:
    >>> Windows XP Pro SP2
    >>>
    >>> I had my firewall off because of an email problem and Trojan Agent
    >>> got me. I can only run in Safe Mode. Malwarebytes run in Safe Mode
    >>> or Administrator says it gets rid of it but on reboot I'm still in
    >>> Safe Mode. What program will get rid of this.
    >>>
    >>> Thanks
    >>>
    >>> Registry Key HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
    >>> NT\CurrentVersion\tdssdata
    >>> Registry KeyHKEY_LOCAL_MACHINE\SOFTWARE\tdss
    >>> File C:\WINDOWS\system32
    >>> Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
    >>> NT\CurrentVersion\Winlogon\Userinit data:c:\windows\system32
    >>> Registry data HKEY_LOCAL_MACHINE\SOFTWARE|Microsoft\Windows
    >>> NT\CurrentVersion\Winlogon\Userinit data:system32
    >>>
    >>> Malwarebytes' Anti-Malware 1.29
    >>> Database version: 1289
    >>> Windows 5.1.2600 Service Pack 2
    >>>
    >>> 10/23/2008 6:11:52 AM
    >>> mbam-log-2008-10-23 (06-11-52).txt
    >>>
    >>> Scan type: Full Scan (C:\|D:\|E:\|F:\|)
    >>> Objects scanned: 210810
    >>> Time elapsed: 1 hour(s), 8 minute(s), 47 second(s)
    >>>
    >>> Memory Processes Infected: 0
    >>> Memory Modules Infected: 0
    >>> Registry Keys Infected: 2
    >>> Registry Values Infected: 0
    >>> Registry Data Items Infected: 2
    >>> Folders Infected: 0
    >>> Files Infected: 1
    >>>
    >>> Memory Processes Infected:
    >>> (No malicious items detected)
    >>>
    >>> Memory Modules Infected:
    >>> (No malicious items detected)

    >>
    >>http://www.computerhope.com/issues/chsafe.htm
    >>once you see the menu, select "Start Windows Normally"
    >>

    > If you select that it reboots back to the same screen. It will only
    > boot to Safe Mode, Safe Mode with Networking or Command Prompt.



    did you try cold booting? leave off for minute or so?

    might try Superantispyware too
    http://www.superantispyware.com/
     
    Tommy McClure, Oct 23, 2008
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vimokh
    Replies:
    3
    Views:
    5,785
    Vimokh
    Sep 6, 2006
  2. Re: Trojan Agent TDSS

    , Oct 23, 2008, in forum: Computer Support
    Replies:
    0
    Views:
    538
  3. Tommy McClure

    Re: Trojan Agent TDSS

    Tommy McClure, Oct 23, 2008, in forum: Computer Support
    Replies:
    0
    Views:
    637
    Tommy McClure
    Oct 23, 2008
  4. Scott269

    TDSS Trojan

    Scott269, Nov 1, 2008, in forum: Computer Support
    Replies:
    2
    Views:
    6,300
  5. dfinc
    Replies:
    2
    Views:
    582
    dfinc
    Aug 6, 2009
Loading...

Share This Page