Jump to content

Security Risk of Trojan.TDSS

Recommended Posts

Can someone please inform me of what the security risk is to a pc infected with the Trojan.TDSS rootkit? I assume its a rootkit due to the below unremovable MBAM log entries.

Memory Modules Infected:

\\?\globalroot\systemroot\system32\geyekrkcxxccqt.dll (Trojan.TDSS)

Files Infected:

\\?\globalroot\systemroot\system32\geyekrkcxxccqt.dll (Trojan.TDSS)

Is it just a re-direct?

Can it steal passwords?

Can it steal cc #s, online banking info, customer db info, etc...?

Is it a key logger?

Can it allow remote connection? etc...

I currently have a post in limbo that I have been awaiting help on, but I would really like to know if I need to be extremely concerned or not.

Link to post
Share on other sites

TDSS is a rootkit often used to protect other malware, hide files and registry keys, and prevent security software from running. The other malware it is protecting can do anything it wants to, from stealing data to trying to scam you into paying for rogue software. Usually we see TDSS protecting various rogue anti-virus and anti-spyware applications, because there is a lot of money in that industry.

TDSS is annoying to remove, but running MBAM and ComboFix pretty much gets rid of all of it. Of course, you don't want to run ComboFix on your own, so wait until your helper instructs you to do so.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.