TDS scans continually identify these DRDOS trojans but when I select them to delete, they come right back. How do I get rid of these permanently? Thank you!
Txblush, so an actual hard drive scan is picking up these trojans Possibility of them not being deleted is the fact that they could still be running in the process list. Have you done a process file/memory scan? Mutex Scan or Memory Objects scan? These 4 will be able to detect it whilst they are currently active, and 3 of them, give you the options to 'Kill' or terminate the process/application and then delete it afterwards. I'm not sure what the policy is here with regards to posting the detection log file, so if you like, you can private message me the list, and I'll try help you out from there....... When TDS-3 detects them on your hard drive, right click on the detected files, and select "Save as text". PM me that list if you like, and will try help you from there. Kind Regards PS. There is a program called 'Delater' also by DiamondCS, this program may prove useful if you cannot remove the trojans from the process list
Disable system restore reboot and scan again. More info http://vil.mcafeesecurity.com/vil/content/v_126433.htm
Thank you for your response. Yes, these DDos.RAT.rBOT type trojans are showing up on my new drive...new computer, with new motherboard, etc. Deleting them never worked (right mouse click choice). Last night I put the computer in Safe Mode, reran TDS-3 (full scan). This time I deleted them directly from the registry...rescanned in Safe Mode and they were finally gone. If you are interested in the files, they were in (shortened version) CurrentVersion/RunServices[Microsfot Update = bling.exe], same thing in just the "Run" file, and in LocalUser; the other items were in the same paths only [WindowsCompliant=winole.exe]. You act surprised that they are on my hard drive....since I am not real savvy on these things, where would these items normally be? I haven't had time to recheck/rescan (as I am now at work); to see if these PITA's have rejuvenated themselves. Paula
No i wasn't surprised that they were on your hard drive, I was just wondering what method of detection TDS-3 used to find them, IE Process list, mutex, etc.. Glad its all sorted now though, all the best