 tdsskiller can't remove rootkit.win32.tdss.d |
  |
 9.04.2010 20:27
Post
#1
|
|
|
Newbie  Group: Members Posts: 5 Joined: 9.04.2010  |
Hi there,
My Kaspersky 2010 found a rootkit.win32.tdss.d so reading other posts in the forum, I decided to download tdsskiller. When I run the tdsskiller, I get this message: Driver "atapi" infected by TDSS rootkit! File" C:\WINDOWS\system32\drivers\atapi.sys " infected by TDSS rootkit... will be cured on next reboot. Completed Results: Memory objects infected / cured / cured on reboot: 1 / 0 /0 Registry objected infected / cured / cured on reboot: 0/0/0 File objects infected / cured / cured on reboot: 1/0/1 To finalize removal of infection and avoid loosing of data program will reboot your PC now. Close all programs and choose Y to restart or N to continue I've rebooted three times now and the rootkit is still on my computer, and tdsskiller just keeps giving that same message. Any suggestions? Thanks so much. |
 |
 
|
|
9.04.2010 20:31
Post
#2
|
|
|
Spanish Forum Moderator Group: Moderators Posts: 14840 Joined: 25.09.2007 From: España (Spain) |
Hi, Welcome to the forum
This is the forum for Protection for Home Users, in your case better to post in the virus forum. Kaspersky are currently reveiwing this virus issue. Review this: http://forum.kaspersky.com/index.php?showtopic=84003 Post your getsysteminfo (gsi), avz log, and tdsskiller log for review. Regards This post has been edited by Caos: 9.04.2010 20:33 -------------------- Kaspersky SPANISH PARTNER
Normas del foro - Helpdesk - Spanish Fan Club - GetSystemInfo - Removal Tool - Webscanner |
|
|
|
|
9.04.2010 20:37
Post
#3
|
|
|
Newbie Group: Members Posts: 5 Joined: 9.04.2010 |
Hi!
Thanks for your response. I'll repost in the virus forum then. What's "getsysteminfo (gsi), avz log, and tdsskiller log" ? In other posts I've noticed requests for screen shots, but how can I do that in tdsskiller? Thanks for your help. Bonnie |
|
|
|
|
9.04.2010 20:53
Post
#4
|
|
|
Spanish Forum Moderator Group: Moderators Posts: 14840 Joined: 25.09.2007 From: España (Spain) |
For tdsskiller review: http://support.kaspersky.com/viruses/solutions?qid=208280684
For avzlog and gsi, review: http://forum.kaspersky.com/index.php?showtopic=84003 This topic will be moved to virus forum, not need to open another topic. Regards -------------------- Kaspersky SPANISH PARTNER
Normas del foro - Helpdesk - Spanish Fan Club - GetSystemInfo - Removal Tool - Webscanner |
|
|
|
|
9.04.2010 21:29
Post
#5
|
|
|
Newbie Group: Members Posts: 5 Joined: 9.04.2010 |
Thanks for your help. I really appreciate it!
I couldn't run the avz. I tried a bunch of times and it just kept freezing up. I didn't understand the http://support.kaspersky.com/viruses/solutions?qid=208280684 page. How do you do this (and is this what you wanted??): Command line parameters to run the utility TDSSKiller.exe -l <file_name> - write log to a file. I attached what I think are the tdss log and the gsi screen shot...... Bonnie
Attached File(s)
tdss_log.JPG ( 92.72K )
Number of downloads: 11
log.txt ( 8.13K )
Number of downloads: 5
gsi.JPG ( 152.9K )
Number of downloads: 12 |
|
|
|
|
9.04.2010 21:48
Post
#6
|
|
|
Newbie Group: Members Posts: 5 Joined: 9.04.2010 |
|
|
|
|
|
13.04.2010 17:03
Post
#7
|
|
|
Newbie Group: Members Posts: 5 Joined: 9.04.2010 |
Now TDSSkiller says cure failed...
Any thoughts of what to do next??
Attached File(s)
|
|
|
|
|
14.04.2010 20:25
Post
#8
|
|
|
Spanish Forum Moderator Group: Moderators Posts: 14840 Joined: 25.09.2007 From: España (Spain) |
Use the Kaspersky Rescue CD 2008 with todays definitions should work
Details on how to use the Rescue Cd can be found here - http://support.kaspersky.com/faq/?qid=208280093 -------------------- Kaspersky SPANISH PARTNER
Normas del foro - Helpdesk - Spanish Fan Club - GetSystemInfo - Removal Tool - Webscanner |
|
|
|
|
| Lo-Fi Version | Time is now: 22.05.2013 14:30 |