cancel
Showing results for 
Search instead for 
Did you mean: 
eaw7100
Level 7

Can not remove TDSS.b!mem

I can not remove the trojan with the file name "SUSP_IRP_MJ_CREATE". The detection name is "TDSS.b!mem" I have tried using McAfee, which deletes it, and then it reappears on a subsequent scan. I have also tried Malwarebytes and stinger which does not find it. I also tried running McAfee, Malwartebyetes and stinger in safe mode which doesn't help.

I am running Virus Scan build 13.15.116

DAT version 5914.0000

Engine Version 5301.4018

Any suggestions?

Labels (1)
0 Kudos
2 Replies
paullotion
Level 11

Re: Can not remove TDSS.b!mem

Hello,

Does Mcafee or any other scan you have run give you the location of theis TDSS.b!mem? If so can you post the info, it should be something like this:

c:\windows\system32\drivers\76y754Y88.sys <--Or similar

0 Kudos
Pycho
Level 7

Re: Can not remove TDSS.b!mem

I have a similar issue. It constantly reports a TF-Downloader Trojan in what I believe is my registry. It could be a false positive, however, I feel performance is diminished, so I don't think so. Malwarebytes and SuperAntiSpyware do not pick it up. McAfee's post-scan system is hopeless, the design really is not intuitive at all, and it is not at all obvious how to remove threats. And I feel it isn't removing them anyway. If this license didn't come with my OS then I would not be using this.

I am running a scan with AVG Free to see if it picks it up. If it does then bye bye McAfee, you have served me poorly. If it doesn't it is a possible false positive.

0 Kudos