RTKT_TDSS.ALJ
Windows 2000, XP, Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted: Yes
In the wild: Yes
OVERVIEW
This Trojan may arrive bundled with malware packages as a malware component. It may be dropped by other malware.
It is a component of other malware.
Its rootkit functionalities are used by other malware/grayware. It hides files, processes, and/or registry entries.
TECHNICAL DETAILS
Varies
SYS
Yes
12 May 2011
Arrival Details
This Trojan may arrive bundled with malware packages as a malware component.
It may be dropped by other malware.
Installation
This Trojan is a component of other malware.
Rootkit Capabilities
This Trojan s rootkit functionalities are used by other malware/grayware.
It hides files, processes, and/or registry entries.
NOTES:
This malware is a component file of a BKDR_TDSS malware. This file has usually two versions, one for 32-bit and one for 64-bit systems. This file is also responsible for ensuring that the Master Boot Record of the system is infected.
SOLUTION
8.900
Step 1
For Windows XP and Windows Server 2003 users, before doing any scans, please make sure you disable System Restore to allow full scanning of your computer.
Step 2
Remove malware files dropped/downloaded by RTKT_TDSS.ALJ
- BKDR_TDSS
Step 3
Scan your computer with your Trend Micro product to delete files detected as RTKT_TDSS.ALJ. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Did this description help? Tell us how we did.