Yesterday, I evidently picked up a virus/trojan or two. I have run multiple scans all day using McAfee (which was updated to latest .dat file today) (I have Security Center 9.15 and VirusScan 13.15). I get the message that a Trojan with the detection name of TDSS.b!mem was found and removed (or sometimes it says quarantined). The file name listed is SUSP_IRP_MJ_CREATE. Everytime I run the scan it finds this file and either "removes" it or "quarantines" it.
I've run Malwarebytes also (recently downloaded and updated with latest definitions file) and it finds nothing, but then run McAfee again and it finds the above trojan.
I need help in getting rid of this thing PERMANENTLY. Can you help me?
This seems to be a recent outbreak of infection;
Try to run an advanced scan in safe mode:
Tap F8 repeatedly while booting up. You'll get a boot screen with choices. Pick Safe Mode. by which your computer will boot in a low resolution state and it will run with the minimum resources.
Download and run the Mcafee free stinger program
Set it to Report Mode (in Preferences) and restart the computer and check the status.
Hi Dinesh -
I've done the Full Scan (couldn't find an advanced scan as you mentioned in your post) while in safe mode and the log said it found and deleted the same trojan.
I've downloaded the stinger program and am running it now (while in safe mode and in report only mode). I have not yet turned off my system restore because I wanted to see if it found anything first. I will let you know what happens.
My question to you is.... the info on the stinger program said it was current as of 11/09. I understand that the "new outbreak of infection" as you called it was a newly found trojan (TDSS.b!mem), so how would an older program find and fix the problem?