PTCH_TDSS.A
October 09, 2012
ALIASES:
Virus:Win32/Alureon.K (Microsoft), Backdoor.Tidserv!inf (Symantec), Patched-SYSFile.e (McAfee), Virus.Win32.TDSS.e (Kaspersky), Troj/TDL3Sys-A (Sophos)
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
TECHNICAL DETAILS
File Size: 52,352 bytes
File Type: SYS
Memory Resident: Yes
Initial Samples Received Date: 04 May 2011
NOTES:
This is the Trend Micro detection for .SYS files that are modified by TDSS malware to aid its routines. The patched codes are responsible for executing the malware during startup and inject its component files into running processes. It also has rootkit capabilities, which enables it to hide its processes and files from the user.