Hidden rootkit? BSOD

Status
Not open for further replies.

Valdr

Posts: 13   +0
I have run into a bit of a snag trying to revive my computer, which keeps getting a BSOD ~20 seconds after Windows startup.

I am running XP SP3

"STOP: 0X0000008E 0Xc0000005 0xA12AFB75 0x9F0F47E8 0x00000000"

Here is what happened:

I was browsing the internet last night when my start bar and start menu changed from the XP default to the 'classic Windows' style. I restarted my computer and a few seconds after Windows put me at my desktop I got the BSOD described above. I booted up in Safe Mode, then I attempted to open "Malwarebytes' Anti-Malware"; however, it would not open. I then opened 'SUPERAntiSpyware' using its alternate start (the normal start would not open either) and scanned my computer. It came up with:

Trojan.Dropper/SVCHost-Fake
Rootkit.TDSServ
(with 57 entries for the rootkit)

I removed them all (+ some tracking cookies) and then restarted, booting back into Safe Mode, and was then able to open Malwarebytes Anti-Malware, which came up with the following:

1 infected registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (trojan.Agent)

2 infected registry data items:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogo\userinit (Trojan.Agent) Data: C:\windows\system32\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Currentversion\Winlogo\userinit (Trojan.Agent) Data: system32\

1 infected file:
C:\windows\system32 (Trojan.Agent)

all of which were 'Quarantined and deleted successfully'

I then rebooted and ran Windows and got the same BSOD.

After some reading online I was told to use the minidump feature of XP to find what was left (I was told it was most likely a rootkit that I can't find). I was, however, unable to open the .dmp files. I searched and found I had to download a viewer (horrible idea, Microsoft), which I am unable to do due to the computer BSODing when I'm not in Safe Mode.

I am not sure what to do from here, can anybody help?
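The two Userinit entries MBAM flagged above are the Winlogon logon hook: Windows launches whatever that comma-separated value lists, so replacing or extending it is a classic persistence spot. The following is an added example, not from this thread or any of the tools mentioned, that parses a .reg export of the Winlogon key and compares Userinit and Shell against the XP defaults; the sample export is constructed to mirror the finding above, and the default strings are my assumptions.

```python
"""Audit Winlogon persistence values from a .reg-style export (added example)."""
import re

# Assumed Windows XP defaults; anything else warrants a closer look.
EXPECTED = {
    "Userinit": r"C:\WINDOWS\system32\userinit.exe,",
    "Shell": "Explorer.exe",
}

# Constructed sample export: Userinit points at a bare directory instead of
# userinit.exe, as in the MBAM finding quoted in the post.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
"Userinit"="C:\\windows\\system32\\"
'''

def parse_winlogon(reg_text):
    """Return {value_name: data} for the Winlogon key in a .reg export."""
    values = {}
    in_key = False
    for line in reg_text.splitlines():
        if line.startswith("["):
            in_key = line.rstrip("]").lower().endswith(r"\winlogon")
            continue
        m = re.match(r'"([^"]+)"="(.*)"$', line)
        if in_key and m:
            # .reg files escape backslashes as \\ ; undo that for comparison
            values[m.group(1)] = m.group(2).replace("\\\\", "\\")
    return values

def audit_winlogon(values):
    """Return a list of (name, data, reason) for values that deviate from defaults."""
    findings = []
    for name, expected in EXPECTED.items():
        data = values.get(name)
        if data is None:
            findings.append((name, None, "value missing"))
            continue
        # Userinit is a comma-separated list; extra entries are a persistence trick
        allowed = {e.strip().lower() for e in expected.split(",") if e.strip()}
        extra = [e.strip() for e in data.split(",") if e.strip() and e.strip().lower() not in allowed]
        if data.lower() != expected.lower():
            findings.append((name, data, f"differs from default {expected!r}; unexpected entries: {extra}"))
    return findings

if __name__ == "__main__":
    for finding in audit_winlogon(parse_winlogon(SAMPLE_REG)):
        print(finding)
```

On a live machine the same comparison can be run against an export made with `reg export "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" winlogon.reg`.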
 
Please try safe mode with networking

You can also try to attach the logs of MBAM, SAS, and HJT from a clean scan

After that, just try and see if the BSOD is fake or not by pressing Ctrl+Alt+Delete.
If a task manager shows up, it's fake.
 
Here are my logs.

When this problem started I ran Anti-spyware and stopped it after a few files were found. This is why I have several of them.

Here is the last log.
 