Help TDS found Trojan need to remove

Discussion in 'Trojan Defence Suite' started by MnSD, Jul 12, 2004.

Thread Status:
Not open for further replies.
  1. MnSD

    MnSD Registered Member

    Joined:
    Jun 14, 2004
    Posts:
    17
    Location:
    San Diego, CA.
    TDS has found a trojan its trojan dropper that is in all the following files, when I right click on a highlighted file in TDS does it remove the file or just clean it these seem to be pretty important files. Just need to know how to get rid of it never had TDS find anything before.I am also curious how this trojan got aroundTDS, NAV2004 ,SPYBOT and a few other things I have which are updated in a timely manner. Any suggestions would be appreciated.

    here is the log from TDS:
    can Control Dumped @ 12:14:39 12-07-04
    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\system32\winlogon.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\system32\winlogon.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\system32\winlogon.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\system32\winlogon.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\system32\services.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\explorer.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\explorer.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccsetmgr.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccsetmgr.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccevtmgr.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccevtmgr.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccapp.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccapp.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\system32\spoolsv.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\progra~1\pestpa~1\ppcontrol.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\progra~1\pestpa~1\ppmemcheck.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\progra~1\pestpa~1\ppmemcheck.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\progra~1\pestpa~1\cookiepatrol.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccproxy.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\spybot - search & destroy\teatimer.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\spybot - search & destroy\teatimer.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\spybot - search & destroy\teatimer.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\symantec\deepsight extractor\extractorservice.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\spywareguard\sgmain.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\spywareguard\sgmain.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\symantec\deepsight extractor\extractorservicenpf04.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\norton internet security\norton antivirus\navapsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\norton internet security\norton antivirus\savscan.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\norton internet security\norton antivirus\savscan.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\wanmpsvc.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\program files\microsoft office\office11\outlook.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\msagent\agentsvr.exe

    Positive identification (embedded in file): TrojanDropper.ÿÿÿÿÿÿÿÿÿ
    File: c:\windows\msagent\agentsvr.exe

    Thanks for your help
     
  2. Mr. Hrmm

    Mr. Hrmm Guest

  3. MnSD

    MnSD Registered Member

    Joined:
    Jun 14, 2004
    Posts:
    17
    Location:
    San Diego, CA.
    Thanks Mr. Hrmm, followed the link and downloaded the update, and I am clean again.

    The quick response on this site from those that know is awesome. Gotta admit though was kinda looking forward to using TDS to blow away some trojans....another day I guess.

    Mike
     
    Last edited: Jul 12, 2004
Thread Status:
Not open for further replies.