tdsskiller can't remove rootkit.win32.tdss.d

8 posts in this topic

Hi there,

 

My Kaspersky 2010 found a rootkit.win32.tdss.d so reading other posts in the forum, I decided to download tdsskiller. When I run the tdsskiller, I get this message:

 

Driver "atapi" infected by TDSS rootkit!

File" C:\WINDOWS\system32\drivers\atapi.sys " infected by TDSS rootkit... will be cured on next reboot.

 

Completed

 

Results:

Memory objects infected / cured / cured on reboot: 1 / 0 /0

Registry objected infected / cured / cured on reboot: 0/0/0

File objects infected / cured / cured on reboot: 1/0/1

 

To finalize removal of infection and avoid loosing of data program will reboot your PC now. Close all programs and choose Y to restart or N to continue

 

I've rebooted three times now and the rootkit is still on my computer, and tdsskiller just keeps giving that same message.

 

Any suggestions?

 

Thanks so much.


Hi, Welcome to the forum

 

This is the forum for Protection for Home Users; in your case it is better to post in the virus forum.

 

Kaspersky are currently reviewing this virus issue.

 

Review this: http://forum.kaspersky.com/index.php?showtopic=84003

 

Post your getsysteminfo (gsi), avz log, and tdsskiller log for review.

 

Regards

Edited by Caos


Hi!

 

Thanks for your response. I'll repost in the virus forum then.

 

What's "getsysteminfo (gsi), avz log, and tdsskiller log" ?

 

In other posts I've noticed requests for screen shots, but how can I do that in tdsskiller?

 

Thanks for your help.

 

Bonnie

 

 

 


Thanks for your help. I really appreciate it!

 

I couldn't run the avz. I tried a bunch of times and it just kept freezing up.

 

I didn't understand the http://support.kaspersky.com/viruses/solutions?qid=208280684 page. How do you do this (and is this what you wanted??):

 

Command line parameters to run the utility TDSSKiller.exe

-l <file_name> - write log to a file.

 

I attached what I think are the tdss log and the gsi screen shot......

 

Bonnie


Now TDSSkiller says cure failed...

 

Any thoughts of what to do next??
