What is Backdoor.Tidserv?

View previous topic View next topic Go down

What is Backdoor.Tidserv?

Post by Doctor Inferno on Tue Dec 02, 2008 8:00 am

I have seen many topics being posted on GeekPolice relating to the removal of Backdoor.Tidserv. So I thought that you guys may be curious about what it does etc. Below is some information provided by symantec.com about Backdoor.Tidserv.




Backdoor.Tidserv is a Trojan horse that opens a back door on the compromised computer.

Threat Assessment
  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low


Damage
  • Damage Level: Medium
  • Payload: Opens a back door on the compromised computer.


Distribution
  • Distribution Level: Low



This Trojan may arrive as a spammed email with the following attachment name:
e-card (Trojan.Dropper)

It may also contain an icon of a director's board:



When the Trojan is executed, it drops and executes the following files:

  • %Temp%\file.exe (Backdoor.Tdiserv)
  • %Temp%\e-card.exe (Trojan.Virantix.C)



Should anyone come face to face with Backdoor.Tidserv, please post all your questions in our Malware Removal Support & HijackThis logs forum.


Please be a GeekPolice fan on Facebook!



Have we helped you? Help us! | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Posts Posts : 12015
Joined Joined : 2007-12-26
Gender Gender : Male
OS OS : Windows 7 Home Premium and Ultimate X64
Protection Protection : Kaspersky PURE and Malwarebytes' Anti-Malware
Points Points : 104600
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum