Dreaded rootkit.TDSS help

Well, after looking around other thread, I couldn't find a way to get rid of the problem on my windows 7 laptop. Norton keeps popping up with a high risk "Boot.Tidserv remove failed" and it's pretty annoying.

As you can tell, this is my first time posting on MajorGeeks, I have tried to follow the steps in the Important thread but no luck.

I would like some help, please. Just tell me what is needed to start off. I'll be using another laptop and a usb since I cut off the internet on the infected laptop.

 

Hi and welcome to Major Geeks, sil3nt_gh0st!

Now we need to run TDSSKiller by Kaspersky
Follow the instructions here and attach your log when you are finished. (How to attach items to your post)


Please download MBRCheck by GeeksToGo to your desktop.
See the download links under this icon

• Double click MBRCheck.exe to run (Vista and Win7 right click and select Run as Administrator)
• It will show a Black screen with some information that will contain either the below line if no problem is found:
  • Done! Press ENTER to exit...
• Or you will see more information like below if a problem is found:
  • Found non-standard or infected MBR.
  • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
• Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
• MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
• Attach this log to your next message. (How to attach items to your post)

Please download aswMBR by Avast! to your desktop.

• Double-click aswMBR.exe to run it (Vista and Win7 right-click and select Run as Administrator)
• Select No when asked Would you like to download latest Avast! virus definitions?
• Click the [Scan] button.
  Note: This scan should only take a few seconds to complete.
• On completion of the scan click [Save log], save it to your desktop and attach this log to your next message. (How to attach items to your post)

 

Well I haven't used the Avast MBR program yet, but I have uploaded the changes from two hours ago and now..

It appears that it has disappeared but that's what happened yesterday and it came back all of a sudden today.

 

Did you fix the MBR using the MBRCheck program? It typically does not work with newer MBR infections. I would have asked you to back up your data before attempting to fix it.

Can you perform the procedures in the Read and Run Me First - Malware Removal Guide

Without the MBR infection present, it should be possible. Try it, attach the logs when you are finished so I can analyze them for you and help you remove any remaining traces of malware.