ZoneAlarm let me down with the TDSSserv Trojan but AVG anti virus software fixed the problem

ZoneAlarm let me down today as a PC became infected with the TDSSserv rootkit Trojan. I’ve now switched to AVG anti virus software, which cured the problem.

I’ve been using ZoneAlarm for two years without any problems; however, ZoneAlarm failed miserably today, costing me hours of wasted time in curing the Trojan infection.

The TDSSserv Trojan is really nasty. In fact it created the worst attack on a PC that I’ve come across.

The trojan redirects DNS requests so that every time you click on a Google or Yahoo search link, your browser gets redirected to a load of spammy shopping web sites.

Even if you are not using the browser, every few minutes a spam site pops up.

Maliciously, the TDSSserv Trojan blocks your anti virus software so that it cannot be updated to the latest database version. It also blocks other attempts to remove it and displays fake security alerts enticing you to install yet another malicious anti spyware application.

Why did ZoneAlarm not block it? I’m furious with that anti virus software.

So I did a search for something that can detect and prevent attacks by so-called RootKit trojans.

I’ve used AVG anti virus server software before and it has been really good, so when I saw that AVG Internet Security suite protects against RootKit infection, I downloaded and installed the 30-day evaluation.

The AVG scanner crawled through the infected PC; however, it detected and neutralised the TDSSserv Trojan, much to my relief.

ZoneAlarm is history on our PCs now.

So if your PC has these problems, then you have probably been infected by the TDSSserv Trojan too:

  • Google, Yahoo, and MSN search results direct you to completely non-related spam pages
  • All web pages load very slowly
  • Your anti virus software update process is blocked
  • System restore functionality doesn’t work
  • You are unable to access msconfig

Update

I later found that AVG hadn’t completely removed the trojan; however, you can read how I eventually used MalwareBytes to delete the TDSSserv Trojan.