Author Topic: Norman TDSS/TDL3 cleaning tool  (Read 5577 times)

0 Members and 1 Guest are viewing this topic.

January 15, 2010, 02:06:31 pm
Read 5577 times

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Antivirus vendor Norman made a cleaning solution for TDSS/TDL3 available.
It currently  supports TDL3 only, but not earlier versions.

http://download.norman.no/public/Norman_TDSS_Cleaner.exe
Ruining the bad guy's day

January 15, 2010, 09:54:10 pm
Reply #1

himfack

  • Newbie

  • Offline
  • *

  • 5
Not detect the current version (3.23).

January 15, 2010, 09:56:13 pm
Reply #2

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Not detect the current version (3.23).

Can you send me a sample of v3.23 ?
Ruining the bad guy's day

January 16, 2010, 10:45:05 am
Reply #3

himfack

  • Newbie

  • Offline
  • *

  • 5
Can you send me a sample of v3.23 ?
Check your personal message.

January 16, 2010, 11:50:23 am
Reply #4

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day

January 16, 2010, 06:15:57 pm
Reply #5

lars

  • Newbie

  • Offline
  • *

  • 2
Not detect the current version (3.23).

I just did a test with the sample 618d3a86c84478eb21d86a18ee218be2,
and Norman TDSS Cleaner detects and cleans it just fine.

My test system is XP SP3. Can you verify your findings or report what system you're running?

Thanks for your feedback.

January 17, 2010, 04:07:47 pm
Reply #6

himfack

  • Newbie

  • Offline
  • *

  • 5
I just did a test with the sample 618d3a86c84478eb21d86a18ee218be2,
and Norman TDSS Cleaner detects and cleans it just fine.

My test system is XP SP3. Can you verify your findings or report what system you're running?

Thanks for your feedback.
I did a test and Norman TDSS Cleaner is not found older variants of this rootkit (both 3.17 and the first variants). OS - XP SP2

January 18, 2010, 11:59:37 am
Reply #7

lars

  • Newbie

  • Offline
  • *

  • 2
Ok,

Can you share the sample please?

Thanks for testing  ;)

January 18, 2010, 12:38:15 pm
Reply #8

himfack

  • Newbie

  • Offline
  • *

  • 5
Ok,

Can you share the sample please?

Thanks for testing  ;)
http://www.malwaredomainlist.com/mdl.php?search=tdss&colsearch=All&quantity=50
look here :)

p.s.
currently tdsskiller is the only utility who can detect and remove this active malware.

January 29, 2010, 02:54:29 pm
Reply #9

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
A new version is available for download.
Ruining the bad guy's day