Jump to content


Recommended Posts

Just got hit with a Rootkit.TDSS virus and it appreas to be a monster. XP safemode had been disabled and my system boots all the way to the desktop and then after 5 seconds nothing is clickable. I removed the compromised harddrive and scanned it in my other system where MBAM was able to find and clean 3 instances of Rootkit.TDSS. Unfortunately that didn't appear to do the trick. I am thinking that I need to run Combofix but I cannot find the download anywhere at the moment.

Any help would be greatly appreciated. I've got nothing to do today but fix my system so whoever chooses to work with me will get very fast replies on everything.


Link to post
Share on other sites

Hello Luma, and welcome to Malwarebytes.org

We don't work on Malware removal in the general forums.

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Link to post
Share on other sites

TDSSserv is a well known rootkit.

Due to the fact it's a rootkit I suggest you take the steps below for to help keep your security information safe.

Disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

If possible it would be best if you can use another computer to do all of this and to see if anyone replies to your topic from a clean system.


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.