Rootkit.MBR.TDSS

MEDIUM
MEDIUM
varies
(Alureon.A (Command), MBR/Alureon.A (Norman), Boot.Sst.D (VirusBuster), Rootkit.MBR.Sst.A (Boot image) (BitDefender))

Symptoms

Infection with TDSS is extremely difficult to spot because the rootkit component hides the actual payload. Usually, search engine results are redirected to third-party sites that display ads or sell fake products. Access to websites registered by AV vendors and to computer support forums is also blocked.

Removal instructions:

Run the attached removal tool and let it disinfect the system. The system may reboot after the scan completes.

Analyzed By

Mihail ANDRONIC, Virus Researcher

Technical Description:

The rootkit component is installed by the dropper malware. It hooks specific functions of the operating system and uses intermediary files to prevent Windows from checking digital signatures for drivers. It also acts as a handler for HDD read/write requests. The rootkit component is used with the sole purpose of hiding other malicious payloads that are part of the respective campaign.