Hello,
I got a win32 trojan tdss on my vista laptop. It won't boot on normal mode, but I can boot on safe mode with and w/o networking. Because I changed the names of the files, I was able to install malwarebytes and spybot search and destroy (for example, I changed the name malwarebytes to just mwb). However I still can't boot normally to my computer and I can't delete the infected files using malwarebytes because it says they can't be deleted, but they will be deleted when I boot my computer again, but they are still there after booting. Reformating and starting over is not an option.
This is the log that malwarebytes gives me:
Malwarebytes' Anti-Malware 1.38
Database version: 2411
Windows 6.0.6001 Service Pack 1
7/12/2009 1:51:52 AM
mbam-log-2009-07-12 (01-51-52).txt
Scan type: Quick Scan
Objects scanned: 439141
Time elapsed: 5 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Temp\_avast4_\unp103104887.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\_avast4_\unp180029364.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\_avast4_\unp97449126.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
I got a win32 trojan tdss on my vista laptop. It won't boot on normal mode, but I can boot on safe mode with and w/o networking. Because I changed the names of the files, I was able to install malwarebytes and spybot search and destroy (for example, I changed the name malwarebytes to just mwb). However I still can't boot normally to my computer and I can't delete the infected files using malwarebytes because it says they can't be deleted, but they will be deleted when I boot my computer again, but they are still there after booting. Reformating and starting over is not an option.
This is the log that malwarebytes gives me:
Malwarebytes' Anti-Malware 1.38
Database version: 2411
Windows 6.0.6001 Service Pack 1
7/12/2009 1:51:52 AM
mbam-log-2009-07-12 (01-51-52).txt
Scan type: Quick Scan
Objects scanned: 439141
Time elapsed: 5 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Temp\_avast4_\unp103104887.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\_avast4_\unp180029364.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\Windows\Temp\_avast4_\unp97449126.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.