Removal of Rootkit TDss

I've read several other threads where the OP was in the same situation but haven't found answers that are applicable or detailed enough to assist me. I'm computer capable and experienced but in no way a guru and might have to be walked through a few things...

As for my situation, it's my father-in-law's laptop; its OS is XP. He let his younger daughters get on his laptop and they casually frequent websites filled with potential risks. When I got the computer I just assumed it was your regular group of malware and such, but after removing what I believed was all of the evildoers I was left with the Win32.Trojan.TDss process and its companion file in rootkit form.

I used Malwarebytes and Microsoft Security Essentials to remove all of the other stuff that came along with this rootkit trojan, but I'm at a loss as to how to proceed in removing this bug. I don't want to mess around trying to get rid of it but making things worse.

I didn't want to, but for testing purposes I tested the virus out a bit. I can't download new or update any virus/malware removal software, and the one time I tried to remove the virus, upon restart I got a blue screen that went by very fast. All I can make out is system32, which I assume is when it is re-loading itself.

Sorry for the long-winded post, just trying to be as detailed as possible. Any help and advice would be deeply appreciated...

Code-Red

Follow this:

formatting link

darfun

Thx for the reply. Went to try your solution but the drivers are not showing up. Yes, options were selected to show hidden devices/files.

From what I can tell, the AVs think that the rootkit file is at

C:\WINDOWS\system32\drivers\UACxctrkcvkqlxmydc.sys

which I can't locate, and that the trojan application is located at

\\?\globalroot\systemroot\system32\uacoquoyxxnkgijfrb.dll

so I'm still kinda stuck...

Code-Red
