This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Trojan\TDL3Mem-A Cleaning

Hello,

We run Sophos as our enterprise anti-virus solution. Yesterday one of our machines was found to have this trojan on it: TDL3Mem-A (http://www.sophos.com/security/analyses/viruses-and-spyware/trojtdl3mema.html). It says it needs to be manually cleaned, but the Sophos site linked does not have instructions for it.

According to the scan it has infected ntdll.dll:pid:00000ab0.

Any help offered would be greatly appreciated.

Cheers.

This thread was automatically locked due to age.

Parents

0 Reefer over 14 years ago

Got infected with tdl3mem-b from a compromise legit website and received a cocktail of viruses in the payload. Sophos cleared some but needed Combofix to clean a couple of others. Finally left with tdl3mem-b (the only apparent effect was unwanted redirections) and TDSSKILLER cleaned it without requiring to work in WinXP safe boot mode. No prob's now.
:7051
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Reefer over 14 years ago

Got infected with tdl3mem-b from a compromise legit website and received a cocktail of viruses in the payload. Sophos cleared some but needed Combofix to clean a couple of others. Finally left with tdl3mem-b (the only apparent effect was unwanted redirections) and TDSSKILLER cleaned it without requiring to work in WinXP safe boot mode. No prob's now.
:7051
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data