New Removal Tools for the TDSS Family of Crimeware

Bogdan BOTEZATU

November 17, 2011

TDSS is not only one of the most important bots at the moment in terms of infection count, but also one of the most sophisticated. It keeps a hidden partition on the infected machine that hosts the code used to subvert the OS before it starts, can infect both 32- and 64-bit versions of Windows 7, and comes with a peer-to-peer communication model between the infected client and the C&C server.

Its complexity and efficiency have made TDSS extremely popular in the cyber underworld. Many current malicious operations are “powered by” clones of TDSS/TDL4, which now appears to be sold as a service.

The increasing number of infections with TDSS variants such as Pihar.A, Pihar.B, Sst.A and Sst.B (MAXSS) prompted us to update the removal tool we published in August. The new tool is able to detect and clean infections with all known clones of TDSS and can be downloaded for free from the Downloads Page of Malware City.

Download the 32-bit version of the tool

Download the 64-bit version of the tool

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This removal tool is available courtesy of Mihail Andromic, malware researcher.

Author


Bogdan BOTEZATU

Bogdan is living his second childhood at Bitdefender as director of threat research.
