This is the pertinent section of the log which indicates a TDSS rootkit infected the Master Boot Record (MBR) and that it will be cured after reboot.
2011/02/03 10:47:43.0390 2192 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/02/03 10:47:43.0406 2192 ================================================================================
2011/02/03 10:47:43.0406 2192 Scan finished
2011/02/03 10:47:43.0406 2192 ================================================================================
2011/02/03 10:47:43.0421 3988 Detected object count: 1
2011/02/03 10:50:23.0765 3988 \HardDisk0 - will be cured after reboot
2011/02/03 10:50:23.0765 3988 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
This particular malware alters the MBR of the system drive to ensure persistent execution of malicious code. Essentially, it overwrites the MBR of the hard disk with its own code and stores a copy of the original MBR at another sector using rootkit techniques to hide itself. For more specific analysis and explanation of the infection, please refer to:
Please reboot if you have not done so already. Rerun TDSSKiller again and post the new log to confirm the infection was cured.
Rescan again with Malwarebytes Anti-Malware (Quick Scan) in normal mode and check all items found for removal. Don't forget to check for database definition updates through the program's interface (preferable method) before scanning and to reboot afterwards. Failure to reboot normally will prevent Malwarebytes' from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.
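An added example, not part of the original post and not TDSSKiller's own code: the Python below parses log lines in the layout shown in the excerpt, lists detections and cures still waiting on a reboot, and compares a first scan with a rescan to confirm the cure. The function names are hypothetical, and the rescan lines are constructed for illustration (assumed to follow the same layout), not real tool output.

```python
import re

# Lines copied from the log excerpt in the post above.
FIRST_LOG = r"""2011/02/03 10:47:43.0390 2192 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/02/03 10:47:43.0406 2192 Scan finished
2011/02/03 10:47:43.0421 3988 Detected object count: 1
2011/02/03 10:50:23.0765 3988 \HardDisk0 - will be cured after reboot
2011/02/03 10:50:23.0765 3988 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
"""

# Constructed follow-up log (not real tool output): same line layout, no detections.
RESCAN_LOG = r"""2011/02/03 11:05:10.0100 1234 Scan finished
2011/02/03 11:05:10.0115 1234 Detected object count: 0
"""

LINE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+ \d+ (?P<msg>.*)$")
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<name>\S+) \(\d+\)$")
PENDING = re.compile(r"^(?P<obj>.+?) - will be cured after reboot$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
ACTION = re.compile(r"^(?P<name>[^\s(]+)\((?P<obj>.+)\) - User select action: (?P<act>\w+)$")


def summarize(log_text):
    """Collect detections, the reported count, and reboot-pending cures."""
    s = {"detections": {}, "count": None, "pending_reboot": set(), "actions": {}}
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines or text without the timestamp prefix
        msg = line["msg"]
        if m := DETECTED.match(msg):
            s["detections"][m["obj"]] = m["name"]
        elif m := PENDING.match(msg):
            s["pending_reboot"].add(m["obj"])
        elif m := COUNT.match(msg):
            s["count"] = int(m["n"])
        elif m := ACTION.match(msg):
            s["actions"][m["obj"]] = m["act"]
    return s


def cure_confirmed(first, rescan):
    """True only if the rescan reports a count of 0 and re-detects nothing from the first scan."""
    if rescan["count"] is None:
        return False  # truncated or unparsed log: treat as unconfirmed
    return rescan["count"] == 0 and not (first["detections"].keys() & rescan["detections"].keys())
```

A non-empty `pending_reboot` set in the first summary means the MBR has not been rewritten yet, so only a log produced after the reboot can confirm the cure.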