
Infected with a serious backdoor trojan



#1 ravergirl


Posted 23 February 2011 - 02:16 AM

Hello everyone,

I did not follow the instructions on my last post. Sorry about that.

Symantec found this infection and was unable to remove it.

Backdoor.Tidserv.I!inf

It has two different listings:

A0013904.sys
rdpcdd.sys

I am unable to successfully run dds.scr. When I try, the program starts scanning but then my computer freezes after a few minutes and will not unlock unless I shut it down forcefully by holding down the power key! So, I am not able to attach that log file.

When I run gmer.exe, it automatically starts scanning and then the dreaded blue screen pops up saying a file is infected and Windows restarts. So that log also cannot be created.

I am getting another error window saying "files that are required for windows to run properly have been replaced by unrecognized versions. To maintain system stability, windows must restore the original versions of these files. Insert your windows XP professional cd-rom now."

I have no XP professional cd-rom.

PLEASE HELP!


 


#2 shelf life


Posted 26 February 2011 - 08:45 AM

Hi ravergirl,

Based on your post, you shouldn't use this computer until it's clean, or use it as little as possible. When not in use, make sure it has no internet connectivity; if you're not sure how to do this, then power it off.

Please download TDSS Killer.exe and save it to your desktop.
Double-click to launch the utility. After it initializes, click the start scan button.

Once the scan completes you can click the continue button.

"The utility will automatically select an action (Cure or Delete) for known malicious objects. A suspicious object will be skipped by default."

"After clicking Next, the utility applies selected actions and outputs the result."

"A reboot might require after disinfection."

A report will be found in your root drive, Local Disk (C:), as TDSSKiller.2.4.12.0_02.01.2011_17.32.21_log.txt (name, version, date, time, log.txt).
Please post the log report.

How Can I Reduce My Risk to Malware?




