HomeHome Spyware DatabaseSpyware Database Backdoor.TDSS Removal Guide"Backdoor.TDSS Removal Guide"

Backdoor.TDSS Removal Guide

line

Backdoor.TDSS Description

Backdoor.TDSS is a malicious parasite that is commonly downloaded and installed onto your computer through security holes. Once inside your machine, Backdoor.TDSS will embed itself into the registry in order to open up an unsecured backdoor in your system. This backdoor can be exploited by a hacker to give clear, unfettered access to your PC and any data stored on it. This threat runs in stealth mode, therefore remaining undetected by the user while performing its malicious acts. This threat is commonly associated with rogue antispyware products, such as Antivirus 2009. Backdoor.TDSS is considered a high-level threat and should be removed from your system immediately.

Backdoor.TDSS Automatic Detection (Recommended)

Is your PC infected with Backdoor.TDSS? To safely & quickly detect Backdoor.TDSS, we highly recommend you...

Download SpyHunter's Malware Scanner Download SpyHunter's* Malware Scanner.

Backdoor.TDSS Manual Removal Instructions

Backup Reminder: Always be sure to back up your PC before making any changes.



Step 1 : Use Windows Task Manager to Remove Backdoor.TDSS Processes

Remove the "Backdoor.TDSS" processes files:

Read more on How to kill Backdoor.TDSS Processes

Step 2 : Use Registry Editor to Remove Backdoor.TDSS Registry Values

Locate and delete "Backdoor.TDSS" registry entries:

Read more on How to Remove Backdoor.TDSS Registry Entries

Step 3 : Use Windows Command Prompt to Unregister Backdoor.TDSS DLL Files

Search and unregister "Backdoor.TDSS" DLL files:

Read more on How to Remove Backdoor.TDSS DLL Files

Step 4 : Detect and Delete Other Backdoor.TDSS Files

Remove the "Backdoor.TDSS" processes files:

Read more on How to Delete Harmful Files

Step 5 : View the Backdoor.TDSS Components with its MD5s

Remove the "Backdoor.TDSS" components:
File NameFile SizeMD5
TDSSfpmp.dll2271b97a8b53bb298025fff5a817cef83c57
TDSSliqp.dll31232151ff4cdf759481534a1535f0f03160d
TDSSnrse.dll296960eaf34f90b433a3c5642ecea7fd70d1f
file.exe35840ad440aa8e7a3f1cc4574acf2447a8022
install[1].exe47104857fe3b30bc1f8a7ec4b73cb8dd38d3d
osajuhzzwtyo.dll134144dea7ae96da06a20737d052498ec7f079
UACqxtiekcnbouoins.dll1996845eb74a8b5be4238e6cc561ba3c8b795
UACyctgyibvpiextci.dll1740834d4a43a970cc558508c74804a295e8e
ytasfwkoslyqdk.dll2048013ae37ef2a7cdd215f0665115e77d186
gasfkydovvwqoh.dll1945601a45c33177509afc09d99bf05998639
wow64main.exe1146880b02eafc95218d62d2fb60bfb61382867
svhost.exe3057664c4beb9ad45bb23c48fd8655ea0f372a7
services.exe193024924dff7ae2b5374537958c8f03e3ffe5
wscsvc32.exe524800ecca8c1a429e801aa7f3534add5ac5e1
wscsvc32.exe5601282a90e17e2b4eb67092cdd99808d35ff9
twunk_32x.exe7127044cef8d106ee726d4fdb7774940b792f3
winhlp64.exe558592612b07594fc7b4b031db01c5a133d330
TDSSfpmp.dll2276e5fe92762403322934b3946fa9532cd6
TDSSosvn.dat527e9ad80d5a1328bf5b48b2226da1ecbde
TDSSfpmp.dll2271ebe3dbad4f62b1fc9db8060f8c2801ec
winlogon.exe35840ad440aa8e7a3f1cc4574acf2447a8022
install[1].exe47616215a9feab9289950cf19245f7f143c35
mdqhqxcejju.dll1341444b81f8821cb48870e6f41d0eda95f1bc
UACwusibnevxscvntv.dll6656096f56cae7d77cae83e70487b28869494
svchost.exe3507203875bfc00b2c6053065cdaec623c470c
googletoolbar_download.exe614401bc09e91c70a6a9ccbaae4d27ce71ca6
ktk57D9.tmp.exe467456a34d514b84b97d75c54584dcb690b292
winlogon.exe291846ca870318e0d0c1aaa69cb25dbcb0079
svhost.exe305715226ee3cfeba083c8b60fea7c3a4c618ae
services.exe194048b6f4e652ed5e9cb7b8c2241a50427614
Installer.exe489472ba211925f478dc1f052dabff6b2f79ec
settdebugx.exe7168009d42439ce13072f3da144c15ebb317de
settdebugx.exe7127048c4281575d7ad379127835f6783e3b2c
winhlp64.exe57190447b8eacaeaf58e7de237f178a82716fc
TDSSmhct.sys604169679cbb6fb2104010efb44910e08a563
TDSSfpmp.dll2271c9eae3fc10318713a3d5616d9634f1bf
TDSSofxh.dll36864d68510fa4a59413d7b7a4add74c59358
services.exe19968038490d717f495417eac59a2c6cb01290
winlogon.exe69637860a96b3c442b5f3316d671dc7ec177e
svchost.exe350720e83435e1590e7016903059022a5bef9f
UACqkppyodbawkldgu.dll19968cc6e356af29b9e5f1cb3485c8fb02b67
hapldpbpoz.dll1341445ce50b9147cbd6cd22aacf12750ea0ab
gasfkyfpcrnmxg.dll19968959fd9367450aaca972f346df9ee28ae
wscsvc32.exe100249609ea9196890c912a2cf040498ed63a56
services.exe200704999e1cb8f612086788bba1f373190f47
svchost.exe35635274061c89bfb41c8d704a4956a756f7eb
clspackxq.exe67174470f6b2522ecf2e51b98e737fdb3cf81e
wscsvc32.exe56012811e226d9e5aa6dbc1f1b88bcca5dcd5f
settdebugx.exe712704f80b61f32694dea690315e3b8a4e1388
cliconfg64.exe712704e426729030aebc15a65994819dce721f
TDSSciou.dll73728697de522509c28c9998d9933e3fa6fb7
TDSSoeqh.dll358403f28e5e6a394e7f668d701b1f7125b64
TDSSosvd.dll36864d68510fa4a59413d7b7a4add74c59358
iv.exe424967a8ca5e4742f7a8930798796137748cf
file.exe,winlogon.exe35840dc073ddbb1dd45f17a2fa2a828a405ae
lasmcnyjaa.dll134144e0b9786878344598f099c337808f0dbd
UACnqxnsethfqsyxcr.dll240648842a4193abc5d412442247c6dba3045
tdssadw.dll32768ed38233137323e0291f3cae405620157
kbiwkmvttkqppj.dll199688966eb3f8a03c014426def4449312ea2
wow64main.exe125747235c1926d4b4cc0d9fb1124e45f880f79
services.exe208384b5d40c54cc4da1b9ea0f6d2d0977d35f
winlogon.exe3532822e345a68a5e0c39f05d3f4d6400870b
iemodule.dll263270479a19899cf8b2dcbdb87962bf22701f8
settdebugx.exe7168006a0455f0f540568d085db66b71803cfa
wscsvc32.exe56012891ce1a417506687772ac1bc34b26c7b9
winhbt.exe38400528e550562c2acc02885c29dca6e092c
eventcreatexp.exe6138888cd337931bd0ebf6677abc02a9386d61

Back to Top

Site Disclaimer


Publication Date: Tue Dec 02 2008 14:42:00 EST

User Comments


Username:  jim    Date Posted:  2008-12-15 13:40:42   
Comment:

cannot get into safe mode. cannot run regedit. removal of the tdss files does nothing because it comes right back. cannot turn on firewall. was on. cannot use system restore or manage system restore. solution does not work for me. pctools says it will remove but does not. cannot remove the hidden files.



Leave a Reply


*
To prove you're a person (not a spam script), type the security word shown in the picture.
Security Image

Back to Top

Remove Backdoor.TDSS