Rootkit TDSS.d
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 80 % (High) |
| Infected Computers: | 2 |
| First Seen: | August 23, 2011 |
| Last Seen: | June 3, 2021 |
| OS(es) Affected: | Windows |
Rootkit TDSS.d is a variant of the TDSS Rootkit, a malware infection that has been invading computers since the year 2008, when it was first detected. Variants of the TDSS Rootkit constantly evolve, making them difficult to detect and eradicate. The main difficulty about removing Rootkit TDSS.d is the fact that Rootkit TDSS.d can infect drivers, making this an infection at a very deep level of a computer system, often loading before the operating system itself. ESG PC security researchers recommend seeking out a specialized rootkit removal tool, when trying to deal with a Rootkit TDSS.d infection.
The History of Rootkit TDSS.d and Its Variants
Early versions of Rootkit TDSS.d were designed to infect the clbdriver-sys driver and its associated DLL file. All variants of the TDSS Rootkit retain these parts of the original version of this infection. A characteristic that is unique to the family of TDSS rootkits is that they all display a similar error saying "STATUS_TOO_MANY_SECRETS" as part of their self-protection mechanisms. Rootkit TDSS.d is encrypted, making it very difficult to analyze. An aspect of the encryption of Rootkit TDSS.d that makes Rootkit TDSS.d especially difficult to decipher is that Rootkit TDSS.d's creators interspersed segments of Hamlet (Shakespeare's play) to confuse PC security analysts further. Rootkit TDSS.d is a classic example of the constant arms race between hackers and PC security experts. Newer generations of the TDSS Rootkit are especially difficult to deal with because of the constant updates released for this malignant infection. Whenever PC security researchers find a solution for a new variant of Rootkit TDSS.d, the hackers behind Rootkit TDSS.d release a new version that bypasses the newest solution. While there are constant advances in anti-malware technology, these same advancements are met by similar progress on the part of the criminals that create these kinds of infections.
How Hackers Profit From Rootkit TDSS.d
Rootkit TDSS.d is used to spread Trojans and rogue security programs. It is also used to protect other malware from detection. Rootkit TDSS.d is also associated with the largest botnets, which can be made up of thousands of infected computers. Hackers can use these botnets themselves, or rent them out to other criminals. Rootkit TDSS.d is thought to originate in the Russian Federation, and the botnets that are associated with Rootkit TDSS.d infections are also thought to be controlled from this country. Hackers can use Rootkit TDSS.d to profit, by using Rootkit TDSS.d as part of infections designed to control infected computers and use them to send out spam emails or perform DDoS attacks on specific targets.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.