What is Backdoor.Tidserv?

View previous topic View next topic Go down

What is Backdoor.Tidserv?

Post by Doctor Inferno on Tue 02 Dec 2008, 7:00 pm

I have seen many topics being posted on GeekPolice relating to the removal of Backdoor.Tidserv. So I thought that you guys may be curious about what it does etc. Below is some information provided by symantec.com about Backdoor.Tidserv.

Backdoor.Tidserv is a Trojan horse that opens a back door on the compromised computer.

Threat Assessment
  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low

  • Damage Level: Medium
  • Payload: Opens a back door on the compromised computer.

  • Distribution Level: Low

This Trojan may arrive as a spammed email with the following attachment name:
e-card (Trojan.Dropper)

It may also contain an icon of a director's board:

When the Trojan is executed, it drops and executes the following files:

  • %Temp%\file.exe (Backdoor.Tdiserv)
  • %Temp%\e-card.exe (Trojan.Virantix.C)

Should anyone come face to face with Backdoor.Tidserv, please post all your questions in our Malware Removal Support & HijackThis logs forum.

Please be a GeekPolice fan on Facebook!

Have we helped you? Help us! | Doctor by day, ninja by night.

Doctor Inferno
The GeekPolice

The GeekPolice

Posts : 12017
Joined : 2007-12-27
Operating System : Windows 7 Home Premium and Ultimate X64

View user profile http://twitter.com/GeekPolice

Back to top Go down

View previous topic View next topic Back to top

Permissions in this forum:
You cannot reply to topics in this forum