rootkit and pciide.sys


11 replies to this topic

#1 brute force

Posted 03 February 2011 - 09:43 AM

Hi guys.

I have an annoying issue that I am sure you guys could put an end to. I use Avast Antivirus and I am getting a message that a rootkit has been detected. Rootkit information: \system32\drivers\pciide.sys.
I can't even use Malwarebytes to get rid of it and I cannot update malware because it knocked out my internet connection. It probably knocked out some services also.
What can I do at this point? Please help. Thanks.

Edited by Budapest, 03 February 2011 - 04:38 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~BP




#2 Budapest

Posted 03 February 2011 - 04:39 PM

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-tdss-tdl3-alureon-rootkit-using-tdsskiller
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 brute force

Posted 05 February 2011 - 02:05 PM

Thanks very much for your prompt response. This seemed to get rid of the infection, but I still can't get to the internet although all indications are that I should be able to (wireless status excellent, used "repair" etc). Any idea why IE is not getting to the internet? Thanks again.

#4 Budapest

Posted 05 February 2011 - 03:13 PM

Is it only surfing the web or all internet functions that do not work?

#5 brute force

Posted 05 February 2011 - 03:25 PM

I just tried opening up a browser and got the usual page not found. Is there something else I can try to help you diagnose?

#6 Budapest

Posted 05 February 2011 - 04:24 PM

In Internet Explorer go to Tools->Internet Options. In this dialog box, choose Connection Settings tab. Here click on the LAN Settings button. This will have two main checkboxes, one to detect internet settings automatically and another to use a proxy server. Make sure that the proxy server checkbox is unchecked.
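
The check described in the post above, as an added example that is not part of the original thread: a read-only PowerShell script that reads the same "use a proxy server" setting from the registry for every loaded user profile, so it can be checked even when the browser will not load. The helper name `Get-ProxyFinding` is made up for this example.

```powershell
# Added example (read-only): list the WinINET proxy settings that Internet
# Explorer uses, for every user profile whose registry hive is loaded.
$subKey = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ProxyFinding {               # hypothetical helper name
    param([string]$Sid)
    $s = Get-ItemProperty -Path "Registry::HKEY_USERS\$Sid\$subKey" `
                          -ErrorAction SilentlyContinue
    if (-not $s) { return }               # hive has no Internet Settings key
    $proxyOn = ($s.ProxyEnable -eq 1)     # the "use a proxy server" checkbox
    $pacSet  = [bool]$s.AutoConfigURL     # an automatic configuration script is set
    New-Object PSObject -Property @{
        Sid           = $Sid
        ProxyEnabled  = $proxyOn
        ProxyServer   = $s.ProxyServer    # may hold a stale value while disabled
        AutoConfigURL = $s.AutoConfigURL
        NeedsReview   = ($proxyOn -or $pacSet)
    }
}

# Per-user hives: account SIDs start with S-1-5-21; the *_Classes hives are skipped.
$findings = Get-ChildItem -Path Registry::HKEY_USERS |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { Get-ProxyFinding -Sid $_.PSChildName }

$findings |
    Select-Object Sid, ProxyEnabled, ProxyServer, AutoConfigURL, NeedsReview |
    Format-Table -AutoSize

# Machine-wide policy: when ProxySettingsPerUser is 0, the proxy values under
# HKLM apply to every user instead of the per-user values listed above.
$policyPath = 'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
$policy = Get-ItemProperty -Path $policyPath -ErrorAction SilentlyContinue
if ($policy -and $policy.ProxySettingsPerUser -eq 0) {
    Write-Output 'Proxy settings are machine-wide (ProxySettingsPerUser = 0); check HKLM as well.'
}
```

The script changes nothing; a row with NeedsReview set to True is the registry equivalent of the checked box.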

#7 brute force

Posted 05 February 2011 - 04:41 PM

I had already checked that the box was not checked, as I have noticed a lot of malware will check the proxy box.

#8 Budapest

Posted 05 February 2011 - 04:49 PM

Try these:

http://www.cexx.org/lspfix.htm

http://www.spychecker.com/program/winsockxpfix.html

#9 brute force

Posted 05 February 2011 - 09:14 PM

thanks so much. That did it. LSP did not do it but the Winsock XP Fix did it

#10 Budapest

Posted 05 February 2011 - 09:52 PM

:thumbup2:

#11 brute force

Posted 06 February 2011 - 11:53 AM

Sorry to bother you again, but although it was successful, I don't remember if I rebooted the computer last night. I did this morning and I got the Dell startup screen and then black. Could there be some by-product of doing this Winsock fix last night? I will continue to try to restart but I can't even get to the F8 screen where I have startup options.
Thanks

#12 Budapest

Posted 06 February 2011 - 04:13 PM

If you cannot get to the F8 screen it sounds like a hardware problem. What is the make and model number of your computer?