Kaspersky has detected rootkit.win32.tdss.d, but will not remove it. MBAM doesn't even detect it, neither does AVG.
I am attaching the KVR log and the HijackThis log.
Can someone please help me get rid of this ugly little thing!?!?!?!?
-John
Why do you tell us about Kaspersky? You have AVG 8 installed (btw: it should be AVG 9)
- Execute the following script in Manual disinfection
Code:
begin
 QuarantineFile('D:\autorun.inf','');
 CreateQurantineArchive('C:\quarantine.zip');
 RebootWindows(true);
end.
After reboot, upload the C:\quarantine.zip over the link Upload quarantined files on the top of this page.
I mention Kaspersky, because I just knew that you wanted to know all about it. Really, I ran AVG when I noticed symptoms, it found nothing, I installed Kaspersky and it did. AVG has since been uninstalled.
I've uploaded the quarantine.zip file, but I got an error about the file already being uploaded. I don't know if I accidentally clicked twice, or if it's a bug.
-John
When I run it again, I get a popup which says exactly:
"Kaspersky Virus Removal Tool"
"File Unknown application: Contains Virus"
"Rootkit.win32.TDSS.d Untreated: postponed"
This pops up almost immediately after starting the scan. Would you like to see a screenshot?
Edit: the alarm window shows that it is an unknown virus in the system memory. Created & modified, 12/31/1969 3:59:59 PM
Last edited by iamrudeur2; 26.02.2010 at 00:12. Reason: updated status
Pls. read here: http://support.kaspersky.com/faq/?qid=208280684 and run tdsskiller.
Then make a log of gmer: http://virusinfo.info/showthread.php?t=51878
Ran TDSSKiller; it found 2 memory objects, 1 file object. It did not clean anything, and did not reboot. Did a manual reboot, and ran GMER. GMER totally hangs the system. Program window goes blank, and keyboard/mouse lock up.
Last edited by Rene-gad; 27.02.2010 at 11:07. Reason: posted log removed
- Execute the following script in Manual disinfection
Code:
begin
 QuarantineFile('C:\WINDOWS\system32\drivers\atapi.sys','');
 CreateQurantineArchive('C:\atapi.zip');
 RebootWindows(true);
end.
After reboot, upload the C:\atapi.zip over the link Upload quarantined files on the top of this page.
Just before I received your script, I got bored of this virus, wiped the HD, and reinstalled Windows. No scans report anything out of the ordinary.
Thanks very much for your help in the meantime.
P.S. The paid version of AVG 9 does clean TDSS.D, however in my case the drivers cleaned no longer worked properly and my drives were not being classified correctly. The DVD-R was shown as a CD-ROM. & a few minor glitches with the USB ports. A clean install of the system files fixed that.
Thnkx again
-John