

Windows 7: New TDL4 rootkit successfully hiding from AV


09 Oct 2012   #1

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 
New TDL4 rootkit successfully hiding from AV

Quote:
A new variant of TDL4 has been identified, and it is now ranked as the second most prevalent malware strain within two months since detection.
Source

A Guy



21 Oct 2012   #2

WXP/Vista/Win7/Win8
 
 

They recently released a new version (v2.8.13.0 - 10/12/2012) of...

Anti-rootkit utility TDSSKiller

...that hopefully will detect this.

It's worth keeping it around handy.

Good Info A Guy, thanks for the post about the new variant of TDL4.
21 Oct 2012   #3

Windows 7 Home Premium 64 bit. (On both machines)
 
 

Thanks A Guy, saved and stored!


21 Oct 2012   #4

Windows 7 Home premium 64bit SP1
 
 

Thanks for the tip, A Guy.
21 Oct 2012   #5

Windows 7 Pro. 64/SP-1
 
 

What would be the best way to stop infection from getting into BIOS and other hardware that are active before Windows and the security programs start up?
21 Oct 2012   #6

Windows 8.1.1 64bit
 
 

Quote: Originally Posted by endeavor
They recently released a new version (v2.8.13.0 - 10/12/2012) of...

Anti-rootkit utility TDSSKiller

...that hopefully will detect this.

It's worth keeping it around handy.

Good Info A Guy, thanks for the post about the new variant of TDL4.
Thanks for the link.

Downloaded it, ran it, did not find anything, saved it on the desktop for future use.
21 Oct 2012   #7

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

Quote: Originally Posted by Layback Bear
What would be the best way to stop infection from getting into BIOS and other hardware that are active before Windows and the security programs start up?
That would have to be done by the BIOS manufacturer. Preventing the infection from getting on to your PC in the first place would have to be by Antivirus, firewall, etc. commonly used to prevent any infection. But if a BIOS infection does get in, and the BIOS is not capable of stopping it, you are literally owned.

Here is some interesting, if not downright scary, reading.

A Computer Infection that Can Never Be Cured - Technology Review

BIOS rootkit found in the wild

NIST proposes BIOS protection measures | bit-tech.net

A Guy
22 Oct 2012   #8

Windows 7 Pro. 64/SP-1
 
 

Thank you A Guy for the web sites. Good reading.
22 Oct 2012   #9

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x86 Service Pack 1 - Linux Mint Mate 14 x64
 
 

Just downloaded the Anti-Rootkit program; it will help provide further protection for my system. I may also get it installed on some of the other computers at home too.