TDSSserv.sys - Rootkits - Backdoor Trojans
TDSSserv.sys is one very nasty Trojan. In our experience, visible symptoms of this type of Trojan include Internet browser hijacking: search the web using a popular search engine, click on one of the results, and you will be directed to a completely different website. Another visible symptom is popups for antivirus software.
These symptoms can be just the tip of the iceberg. On another level it can also capture private information such as bank details and pass codes.
If you think your computer has been infected, the first thing to do is change any banking pass codes and any other private passwords. Of course, make sure you do not change these from the infected computer. The next step is to try to remove the Trojan. Running software such as Malwarebytes or Spybot Search and Destroy can help, but this is dependent on how embedded the Trojan is.
A manual way to disable it is through Device Manager: right click on Computer (Vista) or My Computer (XP), select Manage, then Device Manager. Under the View menu select Show Hidden Devices. Now look under Non-Plug and Play Drivers for TDSSserv.sys, right click on it and select Disable.
*** If you attempt to remove it, it will re-install itself the next time you reboot ***
Once this is done, reboot your computer and run another scan using Malwarebytes. Another excellent program is Unhijackme, which checks for virus and malware problems at start-up.
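The Device Manager check described above can also be done from an elevated PowerShell prompt. The script below is an added example, not part of the original article. It assumes the driver is registered under a name or image path containing "TDSS", and that setting the driver's start type to Disabled is an acceptable stand-in for the Disable action in Device Manager.

```powershell
# Added example, not from the original page. Run from an elevated PowerShell prompt.
# Assumption: the driver's service name or image path contains "TDSS",
# as the file name TDSSserv.sys suggests.
param(
    [string]$Pattern = 'TDSS',   # substring to look for (assumed from the file name)
    [switch]$Disable             # without this switch the script only reports
)

# Win32_SystemDriver lists kernel drivers registered with the system, which
# covers the legacy drivers Device Manager groups as "Non-Plug and Play Drivers".
$drivers = Get-WmiObject -Class Win32_SystemDriver |
    Where-Object { $_.Name -match $Pattern -or $_.PathName -match $Pattern }

if (-not $drivers) {
    # A rootkit that modifies system APIs can hide from this query as well,
    # so an empty result is not proof of a clean machine.
    Write-Output "No driver matching '$Pattern' is visible through WMI."
    return
}

foreach ($d in $drivers) {
    Write-Output ("{0}  state={1}  start={2}  path={3}" -f `
        $d.Name, $d.State, $d.StartMode, $d.PathName)

    if ($Disable) {
        # Only the start type is changed. The entry is deliberately not deleted,
        # because the article warns that a removed driver re-installs on reboot.
        $result = $d.ChangeStartMode('Disabled')
        if ($result.ReturnValue -eq 0) {
            Write-Output "  start type set to Disabled; reboot and rescan."
        } else {
            Write-Output ("  ChangeStartMode failed with code {0}" -f $result.ReturnValue)
        }
    }
}
```

Run it once without `-Disable` to see what matches, then again with the switch before rebooting and rescanning.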
Notes
This particular type of Trojan is very dangerous and hard to detect and remove because of the way it uses backdoor techniques to access the operating system: it hooks into the Windows kernel, bypasses the system's security and then modifies system APIs, which enables it to create innocent-looking registry entries that most security products will not detect.
Even if you remove the Trojan TDSSserv.sys, it usually embeds itself into so many parts of a system that fragments will be left behind, and it's anyone's guess how malignant or benign they may be.
Many experts agree that the only way to be sure that your computer is clean is to wipe it and rebuild, and in light of clients becoming infected with this I would have to agree, especially after having seen it return after we thought it was totally removed.
It might take a few hours to rebuild your computer and get it back to the way you want, but that's a lot less than the misery this could cause if your computer is still infected.
TDSSserv.sys is just one of many types of malware around - check out some of our other pages on this.