I have recently installed Kaspersky Antivirus 8 on my Windows XP. When I try to update the database, I always get the message “error connecting to update source.” While I was searching for a possible answer to my problem, I found out that there’s a new rootkit (tdsserv) that disables the updating of our anti-viruses and stuff. It has been said that it can be disabled in the Device Manager, but when I went there, I can’t find the said file.
As I dug more into the said rootkit, I found out some symptoms of having this pesky malware:
1. PC is working slowly
2. new desktop shortcuts have appeared or the home page has changed
3. annoying popups keep appearing on your PC
4. e-mails that you didn’t write are being sent from your mailbox
The only possible problem that I am having is that of number 3. But other than that, my PC is fine. Knowing this and the fact that I can’t find any tdsserv file in my Device Manager, is it safe to say that I am not infected with the said rootkit?
Your answer is well appreciated. ;p
Posts Tagged ‘Tdsserv.sys’
Am I Infected With The Tdsserv.sys Rootkit?!?
Monday, September 28th, 2009
Can’t Remove Tdsserv.sys From Registry?
Monday, September 21st, 2009
So I was hit by the TDSS backdoor trojan, and the only thing left after 2 passes with MalwareBytes and multiple passes with Superspyware, I have a registry key in HKLM/system/CCS\services\tdsserv.sys
When I try to modify the key, regedit notifies me that an error has prevented me from modifying the entry (access is denied).
I have tried Symantec’s tool for unhooking regedit, but tdsserv destroys the fix instantly. I’ve also disabled System Restore as well, and the key only appears in superspywareremover in non-safe mode, although the key can’t be deleted, no matter what.
Help pleeeeaaasee…this is just killing me. I’ve gotten so close to killing this thing but it still is waiting to infect me again.