Threat Type: Trojan Horse
Threat Level: Severe
Systems Affected: Windows 8/8.1, Windows 7, Windows Vista, Windows XP
Backdoor.Tidserv!kmem is a generic detection used to detect threats associated with the Backdoor.Tidserv family of threats. This terrible backdoor Trojan is typically distributed using a number of means common to many other well-known threats. Namely it has been observed to be spread by fake blogs rigged with URLs to sensational videos that “must be seen” or bogus blog or forum comments with similar baits. The Trojan may also be found in fake Torrent files and P2P downloads, cracks and warez Web sites, and also hacked legitimate and fake Web sites rigged with exploits for various vulnerabilities allowing for what is known as a “drive-by download” to occur.
The Backdoor.Tidserv!kmem has been designed with profit-making as its primary objective. Once infiltrated, this tidserv infection may redirect users to sites that are affiliated with the Trojan’s authors or that are hosting Misleading Applications associated with the pay-per-install income model. This backdoor Trojan may also periodically display pop-up advertisements for various products and services, as well as further Misleading Applications. From time to time, it may also contact remote servers for software or updates to itself or its configuration files, making it a versatile and extensible threat.
Besides, this risky Trojan can create a backdoor port which enables cybercriminals to obtain remote access to the compromised PC. And then the security of your computer and your privacy will increase to a severe-risk level. To prevent your computer from all the unexpected dangers (more than the mention above), you should remove this Trojan from your computer as early as you can. Here is a simple instruction:
Step 1: Open the task manager and stop Backdoor.Tidserv!kmem process.
Step 2: Find out the files associated with Backdoor.Tidserv!kmem and remove them.
Step 3: Remove all the related registry entries of Backdoor.Tidserv!kmem.
If you need more details, you can visit: http://blog.teesupport.com/backdoor-tidservkmem-main-removal-principles-how-to-remove-backdoor-tidservkmem-easily/
- Users are encouraged to adhere to the following basic security “best practices” to prevent Backdoor.Tidserv!kmem from infecting your PC:
- Use a firewall to block all incoming connections from the Internet to services that should not be publicly available. By default, you should deny all incoming connections and only allow services you explicitly want to offer to the outside world.
- Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
- Turn off file sharing if not needed. If file sharing is required, use ACLs and password protection to limit access. Disable anonymous access to shared folders. Grant access only to user accounts with strong passwords to folders that must be shared.
- Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.
- Configure your email server to block or remove email that contains file attachments that are commonly used to spread threats, such as .vbs, .bat, .exe, .pif and .scr files.