Loading ...
Português|
|
Tweet |  More |
Backdoor.Tidserv Description
Backdoor.Tidserv is a Trojan horse that infiltrates a computer via security vulnerabilities, and creates a backdoor port by which an unauthorized user may gain remote access to the infected system. Backdoor.Tidserv may also reconfigure assorted Windows system tools in order to prevent the user from removing the threat and performing virus scans.
Type: Backdoors
How Can You Detect Backdoor.Tidserv?
Backdoor.Tidserv Removal Details
Backdoor.Tidserv has typically the following processes in memory:
- %System%\TDSSinit.dll
- %System%\TDSSpopup.dll
- %System%\TDSSmain.dll
- %System%\TDSSadw.dll
- %System%\TDSSl.dll
- %System%\TDSSlog.dll
Backdoor.Tidserv creates the following files in the system:
- %System%\TDSSlog.
- %System%\TDSSservers.dat
- %System%\TDSSerrors.log
- %System%\TDSSpopup[RANDOM NUMBER].url
Backdoor.Tidserv creates the following registry entries:
- HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\”type” = “popup”
- HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\”serversdown” = “1″
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\”asubid” = “v2test7″
- HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\”build” = “standart”
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\”affid” = “39″
Important Article Disclaimer
This entry was last updated on 06/29/09 and posted on 06/23/09.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Backdoor.Tidserv
Leave a Comment
Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.