cancel
Showing results for 
Search instead for 
Did you mean: 

Where does Mcafee stand on TDL-4?

Reading an article on CNET: http://news.cnet.com/8301-13506_3-20075725-17/tdl-4-the-indestructible-botnet/?tag=mncol;txt

Just wondering if Mcafee have released any official document on this. Any info from Mcafee will be appreciated..

8 Replies
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 2 of 9

Re: Where does Mcafee stand on TDL-4?

Moved to Malware Discussion > Home User Assistance for better attention although I see you previously posted in Business some time ago.

Message was edited by: Ex_Brit on 01/07/11 4:29:48 EDT PM

Re: Where does Mcafee stand on TDL-4?

I am consulting for an enterprise customer. Will apprciate if you keep me in the business side..

Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 4 of 9

Re: Where does Mcafee stand on TDL-4?

Sorry, you originally posted this thread in consumer products so wasn't sure.   Moved to Corporate User Assistance.

.

Message was edited by: Ex_Brit on 01/07/11 4:31:48 EDT PM
Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 5 of 9

Re: Where does Mcafee stand on TDL-4?

I've also been reading a lot about this over the past few days. McAfee seems pretty confident that TDL3 and TDL4 rootkit infections will be cleaned by a normal scan if you have the latest DAT file : there was a blog article a liitle while ago that dealt with this subject - "Memory Forging Attempt by a Rootkit" (April 21st, by Rachit Mathur). Read it and see what you think - I'm waiting for someone who's been infected to come back and say that McAfee took care of the infection.

Re: Where does Mcafee stand on TDL-4?

Looks as though Mcafee only works Mon-Fri 0900 > 1700. The BBC site in the UK and Computer Weekly site are saying TDL-4 is 'indistructible' - I guess we Mcafee subscribers can rest easy - as a search for TDL-4 on the Mcafee site produces no results, and postings about  Mcafees position on TDL-4 produce no responses. Either they aren't worried about TDL-4 - unlike the rest of the world - or they have our money so we can (fill in your own expletive).

Re: Where does Mcafee stand on TDL-4?

Support is there 24x7x365 and we don't sell enterprise products without a support license, so if you have an urgent query I'd recommend picking up the phone.

TDL-4 is not our detection name, which is why you can't find it referenced in the VIL.

According to research we have detetion coverage for this as TDSS!c. The repair can be complex so if you do find an issue again I would always recommend calling us for assistance.

Hope this helps,

Sam

.


on 04/07/11 6:22:46 EDT AM
jhall1
Level 9
Report Inappropriate Content
Message 8 of 9

Re: Where does Mcafee stand on TDL-4?

Yep! McAfee has detections for over 50 variants and I have even seen it personally seen it

detect and clean with a normal On-Demand scan.  (It will tell you if a root kit is installed and may want to reboot to finish cleaning the system.

You can view all our detections here for TDSS here:

http://home.mcafee.com/VirusInfo/ThreatSearch.aspx?term=TDSS

Heres a screenshot of a variant that was detected:

tdss.jpg

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 9 of 9

Re: Where does Mcafee stand on TDL-4?

Thank you. It's good to have that confirmed.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community