
Appear to have tdss rootkit problem



#1 bunpunk


Posted 17 November 2009 - 01:08 PM

Hi,

I recently visited a web page using the first Google Chrome browser and got bombarded with viruses -- mostly fake security stuff that was successfully removed by Avast, Sophos, Malwarebytes and any number of other security apps I downloaded in a panic.

Now all those scans come up negative for viruses, but every hour or so, my Sophos tells me that it's trapped a virus that Google tells me is related to the tdss rootkit.

I'm using Windows XP. Any suggestions?

Thanks


#2 rigel


Posted 17 November 2009 - 01:39 PM

Let's look for that toolkit...

Install RootRepeal

Click here - Official Rootrepeal Site, and download RootRepeal.zip. I recommend downloading to your desktop.
Fatdcuk at Malwarebytes posted a comprehensive tutorial - Self Help guide can be found here if needed: Malwarebytes Removal and Self Help Guides.
Click RootRepeal.exe to open the scanner.
Click the Report tab, now click on Scan. A Window will open asking what to include in the scan.
Check the following items:
  • Drivers
  • Files
  • Processes
  • SSDT
  • Stealth Objects
  • Hidden Services

Click OK
Scan your C Drive (or your current system drive) and click OK. The scan will begin. This may take a moment, so please be patient. When the scan completes, click Save Report.
Name the log RootRepeal.txt and save it to your Documents folder - (Default folder).
Paste the log into your next reply.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it." ~ Will Smith




