I appear to have a rootkit.tdss on my XP. I have run malwarebytes...it detects and removes the problem, but on restart it is still there. Kapersky: same thing, or no detection at all. Please help me remove this thing!
Make sure, that there is no internet connection possible, while you use that tools to remove the rootkit. Otherwise, it still downloads itself again and you are still at the beginning.
Best is to start windows in safe mode, with no internet connection and then run e.g. malwarebytes.Please send a reply, if you solved the problem !!!
still the same result. Evidently malwarebytes is not removing it and kapersky does not recognize that it is there? same results with hijack this. trying another download this AM.
will uninstalling everything and reinstalling all software help? I have backup--will start over if need be.
What does Malwarebyte's Antimalware report ?
There are a few anti root kit solutions , So help us out here , perhaps you could post the MBAM log .PS. uninstalling software programs will not help , the root kit is in the operating system .
malwarebytes log is:
Malwarebytes' Anti-Malware 1.40
Database version: 2723
Windows 5.1.2600 Service Pack 39/2/2009 2:26:23 PM
mbam-log-2009-09-02 (14-26-23).txtScan type: Quick Scan
Objects scanned: 95511
Time elapsed: 4 minute(s), 14 second(s)Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0Memory Processes Infected:
(No malicious items detected)Memory Modules Infected:
(No malicious items detected)Registry Keys Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\kbiwkmloyxvklr (Rootkit.TDSS) -> Quarantined and deleted successfully.Registry Values Infected:
(No malicious items detected)Registry Data Items Infected:
(No malicious items detected)Folders Infected:
(No malicious items detected)Files Infected:
(No malicious items detected)
This link below shows how to use Rootrepeal , http://www.malwarebytes.org/forums/...
Rootrepeal you get from this link ,
http://rootrepeal.googlepages.com/
Remember we are looking for kbiwkmloyxvklr
You could try Sophos Anti rootkit free
http://www.sophos.com/products/free...Or the fully functional evaluation copy of Unhackme
http://greatis.com/unhackme/downloa...PS. If you have Spybot s&d close teatimer .
..........
had to uninstall spybot in order to install kaspersky, so no problem there. thanks for the info--will run some of that and get back in a bit...
thx.
I also had Rootkit.TDSS, something about SKYNET. Malwarebytes detected it but could not remove it. I tried Spyware Doctor and it did the trick. No more problems.
I seem to be clear now--did spyware doctor earlier and nothing showing on scan. I will keep these suggestions if I need in the future. Thank you all for your help!
CK
Thanks for getting back to us as you feedback will help others
 |
|
| « internet options will not... | Google redirects to wrong... » |
TOM'S GUIDE AROUND THE WORLD | |
| United States | France |
| Germany | Italy |
| United Kingdom | Ireland |
