atapi.sys rootkit not being detected

Got hit by this last night, Avast stopped all but this… which I admit is pretty good as near 10 things came in at once which is normal for a dummy like me not using an up to date Firefox!

http://www.virustotal.com/analisis/560f791d0b53549509a64daacb0f575951fa8957e635acd08f3906abf1f52fcb-1266880867

I had to use combofix to get this virus off my machine.
It looks like it may be a variant of the TDSS Virus.

Hi bspurloc,

Give this bundled av power a whirl as the topping of the cleansing cake,
then you have certainty you are completely and utterly clean!

Hitman Pro 3 - Second Opinion Malware Scanner http://www.surfright.nl/en/hitmanpro
How to start Hitman Pro in Force Breach mode http://www.youtube.com/watch?v=m6eRWTv2STk

And automate your patch policy with this scan: https://secunia.com/vulnerability_scanning/personal

polonus

No need to scan anything I am clean.

I thought it would be proper to let Avast know their software is not detecting this variant…
I don’t see any way to send Avast the file so they can add it to their next update.
Last night only 17 other places were detecting this variant, now it is 22, with Avast still off the list of detectors.
So a URL of how to submit this to Avast would be nice.
Also the Avast cleaner fails to properly clean some Virut files I cleaned a few months ago.
It would be nice to be able to send those up too so the cleaner can be fixed for the changed variant.

Hi bspurloc,

I assume you have enough expertise to fully back up that statement (if you know how to work ComboScript on your own you can take care of malware allsorts and know when you are uncompromised), anyways thanks for reporting this.
Just wanted to give the information that Hitman Pro scans much deeper than a single resident av solution to better deal with this form of hidden atapi.sys rootkit malware. Welcome to the forums, can you elaborate a bit more on your virut cleaning routine (or is that giving away too much to the malcreants?)

polonus

Polonus he wanted to know where to send the virus undetected by avast!

Bspurloc,

Follow these steps to send unknown malware to ALWIL Software.

Step 1. Locate the file
Step 2. Open avast!
Step 3. Maintenance
Step 4. Virus Chest
Step 5. Left Click
Step 6. Add
Step 7. Browse to the file location
Step 8. Left click to the file on the quarantine
Step 9. Send to ALWIL
Step 10. Fill out the thing as asked for what they need to do. (Ex: Possible malware)

For the Virut files, it's a virus that is very hard to be rid of. So this one I can't respond to.

Sorry. Maybe another guy can help you with what to do for the cleaner. But you can always install avast! Free Antivirus 5.0 and try out whether it can clean it.

Mr.Agent

Yes this is exactly what I am looking for how to notify Avast of the problem! Thanks!
"I don’t see any way to send Avast the file so they can add it to their next update. "

I’ll do that as soon as I get home, well I will check if Avast has it added yet…

The first day of getting rid of this, 14/41 virus checkers saw it; last night it had increased to 23, so progress is being made!

Not sure how upgrading to Avast 5.x would help as virustotal.com clearly shows avast definitions have no idea it is a tdss variant.
Does it monitor for rootkit activity or attempts better??
Eventually I have to upgrade to it when 4.x is obsolete, but I am not the type that does something just because you're supposed to, I want facts and reasons. You end up dead off a cliff doing things ‘because’.

“How much you lift bro?”

For sending unknown malware, I did say it just above your post. Follow those steps. :wink:

avast! 5 has a behavior shield, heuristics, PUP detection, real-time rootkit detection and many many many more.

Like I can say, you should try it. If you have a problem we can always help you. I use it on a live PC and this PC works hard and I never had a single problem with it.

The current version is really good for me and maybe other users that use it.

So it's up to you. ;D

Mr.Agent