Trojan.Win32.Tdss.Ajmk
Trojan.Win32.Tdss.Ajmk is a Trojan horse that may pose a great security risk to the compromised computer and the connected network environment. Trojan.Win32.Tdss.Ajmk uses rootkit technology to hide its presence and bypass antivirus programs and security applications. It can display excessive advertisements on the computer and redirect search results to a pre-defined web address. Additionally, the Trojan can allow a remote attacker to gain access to the affected PC.
Alias: Backdoor:W32/TDSS, BKDR_TDSS, Win32/Alureon, Trojan-Dropper.Win32.TDSS, Packed.Win32.TDSS
Damage Level: High
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Characteristics
The Trojan is designed primarily to infect the system while concealing its presence. After the primary infection, this Trojan will connect to a remote server and download the main part of its operation. The Trojan is often used to install a copy of an unwanted program on the victim’s computer without being spotted by the installed security product. This functionality indicates that its principal goal is to gain profits from fraudulent online activities. The action corresponds to a number of online money-making schemes, such as forwarding web traffic to a web page, installing a rogue security application, and selling products that do not meet the user’s expectations.
Distribution
This Trojan is spread throughout the Internet. A common method is a web site article that contains sensational videos of a celebrity or politician. The page also contains a malicious URL that, when followed, will instantly drop a copy of the Trojan on the target computer. Copies of this Trojan are also present in fake Torrent files that are uploaded to file-sharing networks. In some instances, it is provided as a deceitful software crack or serial number for popular software. Some compromised web sites also lead to infection with Trojan.Win32.Tdss.Ajmk, using a drive-by-download method wherein the Trojan looks for browser vulnerabilities and enters the machine through various exploits.
How to Remove Trojan.Win32.Tdss.Ajmk
TDSSKiller is a free anti-rootkit utility from Kaspersky that neutralizes complicated malware that effectively hides its processes, folders, files and registry entries.
1. Download TDSSKiller from this link. Save the file to your desktop.
2. Extract the contents using an archiver application.
3. Reboot the computer in Safe Mode to prevent Trojan.Win32.Tdss.Ajmk from loading at start-up. You may want to print this procedure, as we have to restart the computer to complete the removal process.
- Restart the computer.
- Before Windows begins to load, press F8 on your keyboard.
- It will display an Advanced Boot Options menu. Please select Safe Mode with Networking.
- Windows will now start in Safe Mode.
4. Locate and run the TDSSKiller.exe file.

6. Click on Start Scan to begin scanning your system. This may take a while.
7. After the scan is finished, it will reboot the computer. That should complete the disinfection process.
Don
Aug 11, 2009 @ 16:00:17
I caught Trojan.Win32.Tdss. not a jmk. Spent about 2 minutes to delete it.
Step 2, spent about 11 hours deleting it again and again and. The darn thing replicated itself upon deletion. I had this problem with at least 4 AVs plus a Trojan remover that I had downloaded on a free trial basis. At this stage IE stopped working as did my search engines and I was getting numerous notices that program “xyz” was not working and logging on was hit and miss as well.
Step 3, bought a new HD and reinstalled everything including updating and transferring personal files for Excel and Word as required in give or take 11 hours and for only $200. My new HD is 1TB which replaced 300GB.
Rationale: I suppose I could abate my cost by the hypothetical cost I would have spent on a removal program.