Your Computer Starts Up to a Blue Screen and Keeps Rebooting Itself
Check whether TDSSmhlt.sys is present in the following locations:
- C:\WINDOWS\system32\drivers\TDSSmhlt.sys
If you find TDSSmhlt.sys in any of these locations, your computer is very likely to be infected with the following malware:
- TDSServ
To enable deleting the TDSSmhlt.sys file, terminate the associated process in the Task Manager as follows:
- Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
- In the Task Manager window, click the Processes tab.
- On the Processes tab, select TDSSmhlt.sys and click End Process.
- Using your file explorer, browse to the file using the paths listed in Location of TDSSmhlt.sys and Associated Malware.
- Select the file and press SHIFT+Delete on the keyboard.
- Click Yes in the confirm deletion dialog box.
You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.
After you delete a locked file, you need to delete all the references to the file in Windows registry.
To delete a locked file:
- Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
- Restart your computer.
The file will be deleted on restart.
To remove all registry references to a malware file:
- On the Windows Start menu, click Run.
- In the Open box, type regedit and click OK. The Registry Editor window opens.
- On the Edit menu, select Find.
- In the Find dialog box, type the file name, TDSSmhlt.sys. The name of the first found registry value referencing TDSSmhlt.sys is highlighted in the right pane of the Registry Editor window.
- Right-click the registry value name and select Delete on the menu.
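The file check and the registry search above can also be done in one read-only pass that lists every reference at once instead of one hit per Find. This PowerShell script is an added example, not part of the original guide; the helper name Find-RegistryReference and the registry roots it searches are assumptions, and it deletes nothing.

```powershell
# Added example: read-only audit. It reports findings and changes nothing.
$fileName = 'TDSSmhlt.sys'                               # file name from the guide
$filePath = 'C:\WINDOWS\system32\drivers\TDSSmhlt.sys'   # location from the guide

function Find-RegistryReference {                        # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)][string]$Needle,
        # Assumption: these roots cover driver/service entries and software settings.
        [string[]]$Roots = @(
            'HKLM:\SYSTEM\CurrentControlSet\Services',
            'HKLM:\SOFTWARE',
            'HKCU:\Software'
        )
    )
    $pattern = [regex]::Escape($Needle)                  # literal, case-insensitive match
    $noExpand = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
    foreach ($root in $Roots) {
        # The root key itself plus every subkey; unreadable keys are skipped silently.
        $keys = @(Get-Item -LiteralPath $root -ErrorAction SilentlyContinue) +
                @(Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue)
        foreach ($key in $keys) {
            try { $names = $key.GetValueNames() } catch { continue }
            foreach ($name in $names) {
                # Read raw data so %SystemRoot%-style paths are shown as stored.
                $data = $key.GetValue($name, $null, $noExpand)
                $text = @($data) -join ' '               # flattens multi-string values
                if ($name -match $pattern -or $text -match $pattern) {
                    $shown = if ($name) { $name } else { '(Default)' }
                    [pscustomobject]@{ Key = $key.Name; Value = $shown; Data = $text }
                }
            }
        }
    }
}

# 1. Is the driver file present at the location the guide lists?
if (Test-Path -LiteralPath $filePath) {
    Get-Item -LiteralPath $filePath -Force |
        Format-List FullName, Length, CreationTime, LastWriteTime
} else {
    Write-Output "Not present: $filePath"
}

# 2. Every registry value whose name or data references the file.
Find-RegistryReference -Needle $fileName | Format-List
```

Run it from an elevated PowerShell prompt, since some keys under HKLM are not readable otherwise.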