Deleting some strange DLL-s after a terrible spyware attack question.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Xferla, Sep 2, 2008.

  1. Xferla

    Xferla Private E-2

    I'm not sure if it was even spyware.
    I'm not really quite myself at all after fighting for three days in a row with that... whatever it was!
    Finally I managed to fix it using RegRunPartizan and SmitFraudFix.
    But it appears that now my entire computer encoding is messed up! (supposed to be Japanese).
    I've attached my final rapport.txt from SmitFraud, after I removed everything except some damn rootkits in my system32, if you can even read it...
    If you can't, I just want to say that for now nothing else is found - no Zlob-s, Vundo-s or whatever except these dll-s and a .sys in \drivers.

    I'm assuming that the "td" standing in front of every filename comes from Trojan.Downloader - TD but that's just my assumption.

    So I just want to ask, if I stubbornly delete them through DOS, would it cause a problem for my system?

    The files are:
    C:\WINDOWS\system32\tdssservers.dat
    C:\WINDOWS\system32\tdssadw.dll
    C:\WINDOWS\system32\tdssinit.dll
    C:\WINDOWS\system32\tdssl.dll
    C:\WINDOWS\system32\tdsslog.dll
    C:\WINDOWS\system32\tdssmain.dll
    C:\WINDOWS\system32\drivers\tdssserv.sys

    Please, don't redirect me to the READ&RUN ME FIRST thread because nothing there helped.

    Just tell me, if I delete those things there, will everything be all right and will my computer encoding be fixed? ...Or just if I delete them, will it be OK, really, I'm totally diminished.
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is the only way we know all malware has been removed. If you had already run it, most if not all of these would already have been removed, because we see the READ & RUN ME steps remove them every day. So unless you have a new form of this infection, I would expect them to be removed. Malwarebytes and ComboFix both have typically removed them.

    Delete them (if you can) and take your chances. We cannot answer these questions because we do not know what else may be on your PC.
     
    Last edited: Sep 2, 2008
