TDSS Rootkit problem

Printable View

13.01.2010, 06:59
brindfan

TDSS Rootkit problem

I have a TDSS rootkit in my computer that I can't get out. TDSSkiller freezes up my computer, the Kaspersky Virus Removal Tool finds it, but doesn't remove it, and CureIt! freezes my computer.

My O.S. is Windows XP Professional SP3

Here are my files:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)

[COLOR="Red"]cut[/COLOR]
13.01.2010, 07:37
anton_dr

Read this [url]http://virusinfo.info/showthread.php?t=9184[/url]
13.01.2010, 07:55
brindfan

I did all of that. Also, your private message came through in Russian, I have no idea what it says.
13.01.2010, 10:21
Rene-gad

[QUOTE=brindfan;559168]I have no idea what it says.[/QUOTE]It says: your post was edited, logs should not be posted, but attached, more informations - read the linked page in post of anton_dr.
13.01.2010, 16:35
Numb

In addition: before making new logs try to use this utility - [url]http://www.esagelab.com/resources.php?s=tdss_remover[/url] - it could help in your case.
13.01.2010, 23:12
brindfan

[QUOTE=Numb;559514]In addition: before making new logs try to use this utility - [URL]http://www.esagelab.com/resources.php?s=tdss_remover[/URL] - it could help in your case.[/QUOTE]

OK, it finds Rootkit Win32tdss.y, but when I go to remove it, my computer promps me to insert my XP install disk and open the atapi.sy file. I insert the disk, find the file, and when I go to open it, windows says it can't open the file.

I am very frustrated right now. Any help is appreciated. I'm not very computer savvy.
14.01.2010, 00:48
Rene-gad

[QUOTE=brindfan;559805]Any help is appreciated. [/QUOTE]We can only give you some recommendations, but you have to try to realize it - here we cannot help you. If you're not really IT-fit, try to find any specialist in your environment.
14.01.2010, 01:12
brindfan

Can you help me with the TDSS remover problem I am having? Or is there another forum for that?
14.01.2010, 09:49
Aleksandra

Check your system with Live CD Vba32 Rescue. Links to download:

[url]ftp://anti-virus.by/pub/vbarescue.iso[/url]
[url]ftp://vba.ok.by/vba/vbarescue.iso[/url]

Attach a report file vba32.rpt.
15.01.2010, 01:41
brindfan

Thanks for your assistance, but after two weeks of frustration, I hired someone to take care of the problem. This was a nasty TDSS rootkit, it took him almost four hours to extract it.

Thanks again.