Can’t run TDSSKILLER

By jldurham6,

  Filed under: Malware
  Comments: None

Here is how to get it to run despite an active rootkit. Even better, it will find the rootkit (typically SSDT.B). Follow this guide at your own risk and try not to break anything.

Download Kernel Detective. The reason we can't open TDSSKiller is that there is a "filter" watching CreateProcess happen. We need to remove it: open KD+ and select "System Notify Callbacks". Look for objects like these:

[Screenshot "kd": Kernel Detective, System Notify Callbacks view]

Right-click and delete the CreateProcess and ImageLoad entries where the callback routine lives in an unknown module. You'll notice another CreateProcess callback belonging to MpFilter.sys; that is Microsoft Security Essentials, so don't worry about that one! You should now be able to run TDSSKiller. It won't always get the root cause, though. You may consider running MBRCheck with TDSS as well, then rebooting.

http://www.woodmann.com/collaborative/tools/index.php/Kernel_Detective
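The triage rule above (a CreateProcess or ImageLoad notify callback is suspicious when its routine address falls outside every known loaded module, while one inside a known module such as MpFilter.sys is left alone) is easy to get wrong by eye when the list is long. The following script is an added example, not code from the original post or from Kernel Detective: it applies that rule to a constructed list of callbacks and module ranges. The module names, base addresses and callback addresses are made-up sample data, and the `Module`, `Callback`, `owning_module` and `find_suspicious` names are this example's own.

```python
# Added example (not from the original post): flag kernel notify callbacks whose
# routine address is not inside any known loaded module, the check the post
# describes for the "System Notify Callbacks" view.
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Module:
    """A loaded kernel module as (name, base address, size in bytes)."""
    name: str
    base: int
    size: int

    def contains(self, addr: int) -> bool:
        return self.base <= addr < self.base + self.size


@dataclass(frozen=True)
class Callback:
    """One registered notify callback: its kind and routine address."""
    kind: str      # "CreateProcess", "ImageLoad", "CreateThread", ...
    routine: int   # address of the callback routine


# Callback kinds the post says to remove when they point into an unknown module.
KINDS_OF_INTEREST = {"CreateProcess", "ImageLoad"}

# Constructed sample data (addresses and sizes are invented for the example).
SAMPLE_MODULES: List[Module] = [
    Module("ntoskrnl.exe", 0x80400000, 0x00200000),
    Module("MpFilter.sys", 0xB2000000, 0x00040000),   # Microsoft Security Essentials
]

SAMPLE_CALLBACKS: List[Callback] = [
    Callback("CreateProcess", 0x80412340),   # inside ntoskrnl.exe: known
    Callback("CreateProcess", 0xB2010000),   # inside MpFilter.sys: known, leave it
    Callback("CreateProcess", 0x8A13C000),   # no module owns it: suspicious
    Callback("ImageLoad", 0x8A13C800),       # no module owns it: suspicious
    Callback("CreateThread", 0x80430000),    # inside ntoskrnl.exe: known
]


def owning_module(addr: int, modules: List[Module]) -> Optional[Module]:
    """Return the module whose address range contains addr, or None."""
    for m in modules:
        if m.contains(addr):
            return m
    return None


def find_suspicious(callbacks: List[Callback], modules: List[Module]) -> List[Callback]:
    """CreateProcess/ImageLoad callbacks whose routine is in no known module."""
    return [
        cb for cb in callbacks
        if cb.kind in KINDS_OF_INTEREST and owning_module(cb.routine, modules) is None
    ]


def report(callbacks: List[Callback], modules: List[Module]) -> List[str]:
    """One human-readable line per callback, naming the owner or 'UNKNOWN module'."""
    lines = []
    for cb in callbacks:
        owner = owning_module(cb.routine, modules)
        where = owner.name if owner else "UNKNOWN module"
        flag = "  <-- review/delete" if owner is None and cb.kind in KINDS_OF_INTEREST else ""
        lines.append(f"{cb.kind:<14} 0x{cb.routine:08X}  {where}{flag}")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_CALLBACKS, SAMPLE_MODULES):
        print(line)
```

Running it prints one line per callback with the owning module, marking only the two entries that sit outside every known module; the MpFilter.sys entry is correctly attributed and left unflagged, as the post advises.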

http://www.explosiveknowledge.net/main/2012/02/25/tdsserror/