This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Trojan\TDL3Mem-A Cleaning

Hello,

We run Sophos as our enterprise anti-virus solution. Yesterday one of our machines was found to have this trojan on it: TDL3Mem-A (http://www.sophos.com/security/analyses/viruses-and-spyware/trojtdl3mema.html). It says it needs to be manually cleaned, but the Sophos site linked does not have instructions for it.

According to the scan it has infected ntdll.dll:pid:00000ab0.

Any help offered would be greatly appreciated.

Cheers.

This thread was automatically locked due to age.

Parents

0 DetlevRackow over 15 years ago

If a trojan can penetrate a machine so deep that an automated desinfection with Sophos AV is not possible, the machine is no longer trustworthy. Modern malware will often not only infect files, it will also temper with access control lists for files and registry, change com-permissions or change firewall settings.
You should reinstall the machine.
Best regards,
Detlev
:3103
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 DetlevRackow over 15 years ago

If a trojan can penetrate a machine so deep that an automated desinfection with Sophos AV is not possible, the machine is no longer trustworthy. Modern malware will often not only infect files, it will also temper with access control lists for files and registry, change com-permissions or change firewall settings.
You should reinstall the machine.
Best regards,
Detlev
:3103
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data