I have seen many topics being posted on GeekPolice relating to the removal of Backdoor.Tidserv. So I thought that you guys may be curious about what it does etc. Below is some information provided by symantec.com about Backdoor.Tidserv.




Backdoor.Tidserv is a Trojan horse that opens a back door on the compromised computer.

Threat Assessment
  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low


Damage
  • Damage Level: Medium
  • Payload: Opens a back door on the compromised computer.


Distribution
  • Distribution Level: Low



This Trojan may arrive as a spammed email with the following attachment name:
e-card (Trojan.Dropper)

It may also contain an icon of a director's board:

What is Backdoor.Tidserv? 2008-010

When the Trojan is executed, it drops and executes the following files:

  • %Temp%\file.exe (Backdoor.Tdiserv)
  • %Temp%\e-card.exe (Trojan.Virantix.C)



Should anyone come face to face with Backdoor.Tidserv, please post all your questions in our Malware Removal Support & HijackThis logs forum.