Hi Walter sorry I have to sort of hack your problem but I can't do anything
else, I had the problem above since beginning of January I've tried everthing
in the newsgroups suggested and even tried a repair installation to no avail,
please tell me how to take out the hard drive to clean it so hopefully my
computer will work. Thanks
- Show quoted text -
Just cleaned one of these off of a relatives computer. Resolved most
of the problems, but I do not have full faith that it is 100% clean.
Symptoms: Redirected Internet searches, blocked access to antivirus/
security sites, certain files invisible. Cannot do chkdsk.
If the automated tools found online do not work, this may clean it.
Sorry I did not take more precise notes. Fought with this for
hours.
Here is what I found.
TDSS was present as a hidden device in Device Manager (View Show
Hidden Devices)
Look in Non-Plug and Play Devices (Disable TDSS) If you restart the
computer, you are still infected.
Restart the Computer with either Windows XP CD and use Recovery
console or use something like BARTPE.
Recovery console will require administrator password.
Delete TDSS files. I found about 6 in %systemroomt%\system32 and 1 in
%systemroot%/system32/drivers
Reboot into safe mode
Go into registry.
Search for TDSS
You should find numerous entries, including one or two that list it as
a Legacy Service. Carefully delete the entries.
WARNING: Note the MS Warnings about screwing up the registry.
