Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Help Needed to Remove Rootkit.Win32.TDSS.fa

  • Please log in to reply
No replies to this topic

#1 grnsix


  • Members
  • 2 posts
  • Local time:04:33 AM

Posted 18 December 2010 - 12:39 AM

**This is a second posting, as I don't think I posted to the right forum the first time!**

Hello, my computer problems began when I was getting redirected to random sites after my google searches. Then, my computer started freezing, would not open up any programs or applications, including the task manager. After rebooting, the same thing would happen again. I ran a trial version of Kaspersky 2011, and it cleaned up some issues with my computer. It is saying there are no active threats now, even though it finds Rootkit.Win32.TDSS.fa every time. I run the Kaspersky disinfection and reboot, but it keeps finding it.

I'm not sure if it is related, but when I run the disinfection Kaspersky tool on Rootkit.Win32.TDSS.fa, it will scan and come back saying "No threats detected." During the disinfection process though, I get a pop-up window over and over again that says "mmctxth.exe - Bad Image. The application or DLL C:\\WINDOWS\system32\xpobres.dll is not a valid Windows image. Please check this against your installation database. The pop-up will occur again and again for C:\\WINDOWS\system32\xpob2res.dll and C://WINDOWS/system32.netsh.exe, C:\\WINDOWS\system32\fwcfg.dll, and C:\\Program Files\Common Files\Pure Networks\Shared\Platform\AVManagerUnified.dll. My computer performance is still inconsistent, so I am getting worried that the virus(es) is still there. After working on it for awhile, I will be unable to run programs, the task manager, and am even unable to turn off or restart the computer using the start menu and will have to manually do it. When I turn my computer on again, I get a pop-up message at start-up that says "Ram2_xp. Unable to load WRegLib.dll."

Sorry if this is too much information, but I am not sure which of these issues are related, so I wanted to put it all out there. I appreciate any help you can offer!


BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users