Tiny_Glow

  1. Thanks for the attention. Attached are 4 zipped logs; they should show the history of the infection(s). The key point is in the third log, where it says the tdss deletion was successful, but it was not. Hope it helps ... mbam_log_2008_10_30__15_13_12_.zip
  2. Although I did not do what is suggested there, it helped me find the way to solve the problem, as follows:

     a) from Device Manager -> Show hidden peripherals, disable Tdssxyx.sys, where xyz are random characters (found under non plug and play peripherals)
     c) REBOOT IN SAFE MODE (press F8 while Windows boots), no command prompt
     d) move to Windows\system32 and NOW the tdssxyz.xyz files become visible!! Deleted them all.
     e) move to system32\drivers, deleted tdssxyz.sys
     f) reboot in safe mode (?) and uninstall the peripheral driver tdssxyx.sys
     g) reboot normally - deleted everything possible from the registry - search for tdss (all values), if and when found -> delete
     h) the MB scan did not find any tdss anymore !!!

     Neither has tdss.sys been installed, nor does Process Explorer (www.sysinternals.com) find any handle or DLL attached. Victory.

     I am seriously thinking of upgrading to MBPro; MB has been the only malware fighter capable of removing AntivirXp 2009. The rest is ordinary routine. I want to thank all the people spending their time to give me this help that solved (almost, I think so) the infection. THANK YOU ALL
  3. Hello everybody ... I need help with this f.... tdss malware. MB correctly detects the concerned registry key as being infected, allows deletion, and all seems to proceed the right way. Once I reboot the PC the infection is still there. I've disabled, rebooted the PC and then uninstalled the tdss.sys driver with no success. I think the rootkit hides all files having tdss in the filename ... though ... because I've never been able to see such files anywhere on the drive. ??? Please help me, I'm desperate ...