Backdoor.TDSS

By GoldSparrow in Backdoors

Translate To:

Threat Scorecard

Ranking:	16,241
Threat Level:	80 % (High)
Infected Computers:	90

First Seen:	July 24, 2009
Last Seen:	July 20, 2023
OS(es) Affected:	Windows

Backdoor.TDSS is a malicious parasite that operates in secret and may in fact be associated with rogue anti-spyware application Antivirus 2009. Backdoor.TDSS is typically downloaded and installed onto your computer through vulnerabilities in the security software. Once inside your system, Backdoor.TDSS will embed itself into the registry in order to open unsecured remote access to an outside party in order for them to gain access to your computer and all personal information data stored on it.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
AhnLab-V3	Trojan/Win32.Hiloti
BitDefender	Gen:Variant.Hiloti.1
McAfee	Hiloti.gen.e
AVG	Hiloti.BC
Ikarus	Trojan.Win32.Hiloti
AVG	Hiloti.BD
Ikarus	Trojan.Hiloti
Sunbelt	Trojan.Win32.Hiloti.aa (v)
eTrust-Vet	Win32/FakeAV.I!generic
DrWeb	BackDoor.Tdss
Sophos	Mal/Hiloti-D
F-Prot	W32/Hiloti.I.gen!Eldorado
NOD32	a variant of Win32/Cimag.DF
NOD32	a variant of Win32/Kryptik.FGP
McAfee	Artemis!3F3440EA64EE

SpyHunter Detects & Remove Backdoor.TDSS

File System Details

Backdoor.TDSS may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	aswdwi2.dll	a07fd1af85d17411ee5c6d180cc11066	7
Name: aswdwi2.dll MD5: a07fd1af85d17411ee5c6d180cc11066 Size: 73.21 KB (73216 bytes) Detections: 7 Type: Dynamic link library Path: %LOCALAPPDATA% Group: Malware file Last Updated: April 18, 2011
2.	hFWiopl7.dll	243c2c0ba2ec68df66645eea5393e0b4	6
Name: hFWiopl7.dll MD5: 243c2c0ba2ec68df66645eea5393e0b4 Size: 76.28 KB (76288 bytes) Detections: 6 Type: Dynamic link library Path: %LOCALAPPDATA% Group: Malware file Last Updated: February 14, 2011
3.	csfl32.dll	3453b5a8b7b9c66be79f85fc8ae06789	1
Name: csfl32.dll MD5: 3453b5a8b7b9c66be79f85fc8ae06789 Size: 73.21 KB (73216 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: December 7, 2010
4.	wpscrict.dll	8f65644223a04d8393a460ebeee38a17	1
Name: wpscrict.dll MD5: 8f65644223a04d8393a460ebeee38a17 Size: 74.24 KB (74240 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA% Group: Malware file Last Updated: May 18, 2012
5.	KBDHReo.dll	4574adfe1adb6fd636c71aa06b309cff	1
Name: KBDHReo.dll MD5: 4574adfe1adb6fd636c71aa06b309cff Size: 73.72 KB (73728 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA% Group: Malware file Last Updated: December 7, 2010
6.	wdbgmeg.dll	69fe1c421f3c55abc7a66923b1d5c20a	1
Name: wdbgmeg.dll MD5: 69fe1c421f3c55abc7a66923b1d5c20a Size: 73.72 KB (73728 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: December 7, 2010
7.	kcat432.dll	68f1e7437c3fece769937c4b8cb3bc15	1
Name: kcat432.dll MD5: 68f1e7437c3fece769937c4b8cb3bc15 Size: 76.8 KB (76800 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: January 9, 2011
8.	kbdmsid.dll	1d62f636ac023971f898fb11061af152	1
Name: kbdmsid.dll MD5: 1d62f636ac023971f898fb11061af152 Size: 74.75 KB (74752 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR% Group: Malware file Last Updated: December 6, 2010
9.	svchost.exe	74061c89bfb41c8d704a4956a756f7eb	0
Name: svchost.exe MD5: 74061c89bfb41c8d704a4956a756f7eb Size: 356.35 KB (356352 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
10.	services.exe	b6f4e652ed5e9cb7b8c2241a50427614	0
Name: services.exe MD5: b6f4e652ed5e9cb7b8c2241a50427614 Size: 194.04 KB (194048 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
11.	iemodule.dll	79a19899cf8b2dcbdb87962bf22701f8	0
Name: iemodule.dll MD5: 79a19899cf8b2dcbdb87962bf22701f8 Size: 2.63 MB (2632704 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: January 8, 2010
12.	clspackxq.exe	70f6b2522ecf2e51b98e737fdb3cf81e	0
Name: clspackxq.exe MD5: 70f6b2522ecf2e51b98e737fdb3cf81e Size: 671.74 KB (671744 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
13.	wscsvc32.exe	ecca8c1a429e801aa7f3534add5ac5e1	0
Name: wscsvc32.exe MD5: ecca8c1a429e801aa7f3534add5ac5e1 Size: 524.8 KB (524800 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
14.	Installer.exe	ba211925f478dc1f052dabff6b2f79ec	0
Name: Installer.exe MD5: ba211925f478dc1f052dabff6b2f79ec Size: 489.47 KB (489472 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
15.	settdebugx.exe	6a0455f0f540568d085db66b71803cfa	0
Name: settdebugx.exe MD5: 6a0455f0f540568d085db66b71803cfa Size: 716.8 KB (716800 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
16.	wscsvc32.exe	11e226d9e5aa6dbc1f1b88bcca5dcd5f	0
Name: wscsvc32.exe MD5: 11e226d9e5aa6dbc1f1b88bcca5dcd5f Size: 560.12 KB (560128 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 8, 2010
17.	twunk_32x.exe	4cef8d106ee726d4fdb7774940b792f3	0
Name: twunk_32x.exe MD5: 4cef8d106ee726d4fdb7774940b792f3 Size: 712.7 KB (712704 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 21, 2010
18.	settdebugx.exe	f80b61f32694dea690315e3b8a4e1388	0
Name: settdebugx.exe MD5: f80b61f32694dea690315e3b8a4e1388 Size: 712.7 KB (712704 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 21, 2010
19.	settdebugx.exe	8c4281575d7ad379127835f6783e3b2c	0
Name: settdebugx.exe MD5: 8c4281575d7ad379127835f6783e3b2c Size: 712.7 KB (712704 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 21, 2010
20.	winhbt.exe	528e550562c2acc02885c29dca6e092c	0
Name: winhbt.exe MD5: 528e550562c2acc02885c29dca6e092c Size: 38.4 KB (38400 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 21, 2010
21.	cliconfg64.exe	e426729030aebc15a65994819dce721f	0
Name: cliconfg64.exe MD5: e426729030aebc15a65994819dce721f Size: 712.7 KB (712704 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 21, 2010
22.	winhlp64.exe	612b07594fc7b4b031db01c5a133d330	0
Name: winhlp64.exe MD5: 612b07594fc7b4b031db01c5a133d330 Size: 558.59 KB (558592 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: January 21, 2010
23.	mplay32xe.exe	550d82300b5126d7b00cf4aede871d7e	0
Name: mplay32xe.exe MD5: 550d82300b5126d7b00cf4aede871d7e Size: 258.56 KB (258560 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: April 8, 2010
24.	mplay32xe.exe	dabceb372c2f0c2866ae8cb9ab9db418	0
Name: mplay32xe.exe MD5: dabceb372c2f0c2866ae8cb9ab9db418 Size: 258.56 KB (258560 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: April 8, 2010
25.	wsdkrlxp.exe	b863bbb6f80af43484f1ec384f36f0ef	0
Name: wsdkrlxp.exe MD5: b863bbb6f80af43484f1ec384f36f0ef Size: 389.12 KB (389120 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: June 3, 2010
26.	D.tmp	3f3440ea64eee1ddbe1a1a6b063105b9	0
Name: D.tmp MD5: 3f3440ea64eee1ddbe1a1a6b063105b9 Size: 50.17 KB (50176 bytes) Detections: 0 Type: Temporary File Group: Malware file Last Updated: August 12, 2010

More files

Registry Details

Backdoor.TDSS may create the following registry entry or registry entries:

Regexp file mask

%SystemRoot%\System32\TDSS[RANDOM CHARACTERS].dat

%SystemRoot%\System32\TDSS[RANDOM CHARACTERS].dll

%TEMP%\TDSS[RANDOM CHARACTERS].tmp

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Backdoor.TDSS

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Backdoor.TDSS

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen