Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Help! All messed up with Win32TrojanTDSS and a DCOM Server Process Launcher Error

  • Please log in to reply
1 reply to this topic

#1 tigerjai


  • Members
  • 1 posts
  • Local time:11:56 PM

Posted 16 June 2009 - 12:02 AM

Hey, need some help from the experts please!! My computer has been all kinds of crazy recently. I have been working on it for 6 hours scanning and re-scanning. My friend ran The Ultimate Windows Boot CD or something and found and cleaned a ton of viruses. Kept working on it at home, but still couldn't get rid of two major problems. The first is a DCOM Server Process Launcer Service Terminated error that comes up on boot with a countdown. Found out that I could use "shutdown -a" in the Run dialogue to at least give myself some functionality. Downloaded Ad-Aware and cleaned a bunch of stuff. It still keeps finding the Win32TrojanTDSS file though and can't get rid of it. Downloaded McAfee Security Center Endpoint Protection Home Use Option that the Army offers for free off of the Army Knowledge Online portal. It installed fine but when I go to start it it shows the loading screen, then it disappears and the program start screen does not come up. I also cannot initiate a scan by right-click, it does nothing. Tried to download Malwarebytes Anti-Malware but it does not start either. Now I have some weird thing going on that plays advertisements and music immediately after trying to start Malwarebytes.

I am running Windows XP. Can you please help me??? I am fairly computer literate and really need my computer back!!! Thanks in advance.

BC AdBot (Login to Remove)


#2 Blade


    Strong in the Bleepforce

  • Site Admin
  • 12,704 posts
  • Gender:Male
  • Location:US
  • Local time:12:56 AM

Posted 16 June 2009 - 01:15 AM

Hello tigerjai and :thumbsup: to Bleepingcomputer.

TDSS is the name of a rootkit, a stealth component many kinds of malware make use of. It hides other infections from being seen by Windows, and thus by any scanners we run. We need to hit that first, and Malwarebytes is the one of the best options available to us here in AII. After we get the rootkit, we'll need to run a couple other scans to make sure we catch all the baddies on your system.

Let's try a little variation on running Malwarebytes and see if we can't fool the malware that's keeping it from running. Delete the copy you have already downloaded please. Also, please read all of the instructions below before doing anything.


Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

IMPORTANT!!! - when you save the file, rename it to something random, such as bubbles.exe. This must be done before beginning the download!

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


Renaming the downloaded file before saving should allow you to at least install MBAM. If you have problems getting MBAM to execute after installation, navigate to the folder MBAM installed to and rename mbam.exe to bubbles.bat. Then double click on the file you just renamed to launch the program. Once MBAM is running, make sure you've updated it and then run a scan as directed above. After running the scan, save the log it produces somewhere you can find it, such as the desktop, and reboot the computer. Then run another scan with MBAM, just as before. Please post the logs from both scans here for my review.


In your next reply, please include the following:
Two MBAM logs

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users