English 
Backdoor.Tidserv Backdoor.Tidserv
By
GoldSparrow in 
Loading ...
Backdoor.Tidserv Description
Backdoor.Tidserv is a Trojan horse that infiltrates a computer via security vulnerabilities, and creates a backdoor port by which an unauthorized user may gain remote access to the infected system. Backdoor.Tidserv may also reconfigure assorted Windows system tools in order to prevent the user from removing the threat and performing virus scans.
Type: Backdoors
Automatic Detection of Backdoor.Tidserv
Backdoor.Tidserv has typically the following processes in memory:
- %System%\TDSSinit.dll
- %System%\TDSSpopup.dll
- %System%\TDSSmain.dll
- %System%\TDSSadw.dll
- %System%\TDSSl.dll
- %System%\TDSSlog.dll
Backdoor.Tidserv creates the following registry entries:
- HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\”type” = “popup”
- HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\”serversdown” = “1″
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\”asubid” = “v2test7″
- HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\”build” = “standart”
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\”affid” = “39″
Important Article Disclaimer
This entry was posted
on 06/23/09 and is filed under Backdoors.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
