3 Replies Latest reply on Feb 4, 2010 7:25 PM by tasLP

    McAfee will not permanently remove trojan

      Hello!

       

      Yesterday, I evidently  picked up a virus/trojan or two.  I have run multiple scans all day using McAfee (which was updated to latest .dat file today) (I have Security Center 9.15 and VirusScan 13.15).  I get the message that a Trojan with the detection name of TDSS.b!mem was found and removed (or sometimes it says quarantined).  The file name listed is SUSP_IRP_MJ_CREATE.  Everytime I run the scan it finds this file and either "removes" it or "quarantines" it.

       

      I've run Malwarebytes also (recently downloaded and updated with latest definitions file) and it finds nothing, but then run McAfee again and it finds the above trojan.

       

      I need help in getting rid of this thing PERMANENTLY.  Can you help me?

       

      Thank you!

        • 1. Re: McAfee will not permanently remove trojan
          Dinz

          Hi tasLP,

          This seems to be a recent outbreak of infection;

          Try to run an advanced scan in safe mode:

          Tap F8 repeatedly while booting up. You'll get a boot screen with choices. Pick Safe Mode. by which your computer will boot in a low resolution state and it will run with the minimum resources.

           

           

          Run Stinger:
          Download and run the Mcafee free stinger program
          http://vil.nai.com/vil/stinger/
          Set it to Report Mode (in Preferences) and restart the computer and check the status.

           

           

           

           

          Regards,

          Dinesh K

          • 2. Re: McAfee will not permanently remove trojan
            Peter M

            Moved to McAfee Communities > Security Awareness > General Malware Discussion > Home User Assistance > Discussions

            • 3. Re: McAfee will not permanently remove trojan

              Hi Dinesh -

               

              I've done the Full Scan (couldn't find an advanced scan as you mentioned in your post) while in safe mode and the log said it found and deleted the same trojan.

               

              I've downloaded the stinger program and am running it now (while in safe mode and in report only mode).  I have not yet turned off my system restore because I wanted to see if it found anything first.  I will let you know what happens.

               

              My question to you is....  the info on the stinger program said it was current as of 11/09.  I understand that the "new outbreak of infection" as you called it was a newly found trojan (TDSS.b!mem), so how would an older program find and fix the problem? 

               

              Thanks!