I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
TDIFILTER.SYS – Trojan Agent removal
| File | MD5 | Virus Alias |
|---|---|---|
| TDIFILTER.SYS | 642a5b76cbbda771ebf38e70f8c6dd9d | Trojan Agent |
| TDIFILTER.SYS | 642a5b76cbbda771ebf38e70f8c6dd9d | Virus Alman |
TDIFILTER.SYS size: 4352 bytes
TDIFILTER.SYS hash: 642A5B76CBBDA771EBF38E70F8C6DD9D
Created files:
%WinDir%\inf\atm.ldb
%WinDir%\inf\atm.PNF
%SysDir%\drivers\Kvboot.sys
%SysDir%\drivers\TdiFilter.sys
%SysDir%\drivers\xArpProto.sys
%SysDir%\LDAPSVC.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\KVBOOT\Type: 01000000
HKLM\System\CurrentControlSet\Services\KVBOOT\DisplayName: KVBOOT
HKLM\System\CurrentControlSet\Services\KVBOOT\ImagePath: System32\DRIVERS\Kvboot.sys
HKLM\System\CurrentControlSet\Services\KVBOOT\Group: Boot Bus Extender
HKLM\System\CurrentControlSet\Services\LDAPSVC\Type: 20000000
HKLM\System\CurrentControlSet\Services\LDAPSVC\Start: 02000000
HKLM\System\CurrentControlSet\Services\LDAPSVC\DisplayName: LDAP Service
HKLM\System\CurrentControlSet\Services\LDAPSVC\ImagePath: %SystemRoot%\System32\svchost.exe -k LDAPSVC
HKLM\System\CurrentControlSet\Services\LDAPSVC\Parameters\ServiceDll: 2500530079007300740065006D0052006F006F00740025005C00730079007300740065006D00330032005C004C004400410050005300560043002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\TdiFilter\Start: 03000000
HKLM\System\CurrentControlSet\Services\TdiFilter\Type: 01000000
HKLM\System\CurrentControlSet\Services\TdiFilter\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C00540064006900460069006C007400650072002E007300790073000000
Detected by UnHackMe:
TDIFILTER.SYS
Default location: %SYSDIR%\DRIVERS\TDIFILTER.SYS
Dropper information:
MD5: 33a4fed818d37a01f2ee4de4a0c0f0a5
File size: 48640 bytes