
Free Removal Tool for TDL4 Available Now

Bogdan BOTEZATU

July 04, 2011


If you have been connected to the pulse of the security world in the past few days, then you probably know that there’s a new bad guy in town, called TDL4. This rootkit-based e-threat is not what you would expect from a regular piece of malware: it is encrypted using custom algorithms, and it stays completely hidden once it has successfully infected your system.

Moreover, because it features one of the most advanced rootkits on the market, chances are that most antivirus products will fail to identify it accurately, let alone remove it. Once run, TDL4 infects the Master Boot Record (MBR), which allows it to load its code before Windows starts up. This approach allows the rootkit to intercept critical system functions. The rootkit can infect both 32- and 64-bit versions of Windows, which makes it more dangerous than other pieces of malware based on or accompanied by drivers.

Technical details aside, the piece of malware (which has been around since 2008 and has undergone four major upgrades) spreads through pornography websites, as well as through illegal file sharing repositories, where it is disguised as cracks or codecs. Moreover, infections with TDL4 have also been logged on computers that had been previously infected with Zeus bots, which suggests that the latter is responsible for downloading and installing the rootkit.

The rootkit itself has no damaging potential. Instead, it is used by other pieces of malware to conceal their presence on the computer, as well as to gain extra privileges on the operating system. By default, the rootkit comes with two components: a clicker module that allows its creators to stealthily redirect traffic to a variety of websites, and a second module, called tdlcmd.dll, which implements botnet functionality by allowing the malware to receive commands from the botmaster, modify search results to display affiliate links or even abuse advertising programs by generating clicks on banners.

BitDefender has been monitoring the evolution of TDL4/TDSS ever since its emergence, when we offered our first removal tools for this e-threat. Given the developments, we have added detection, removal and disinfection in the BitDefender antimalware solutions, so our customers have been protected against this e-threat since its discovery.

Computer users who are not protected by a BitDefender security solution can download our free removal tool for either 32-bit or 64-bit flavors of Windows.

Download the 32-bit version of the tool

Download the 64-bit version of the tool

“All names and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.”
