Ok, today my Norton anti-virus told me I needed to restart to remove a threat, so I did. It says it was a "Backdoor Tidserv". I've tried Googling it, but found nothing, so please refrain from telling me to Google it/telling me Norton sucks. The file name was b3b7.tmp, and the treat name was "Backdoor.Tideserv". The infected files that were removed were: c:\programdata\microsoft\windows\drm\b3b7.tmp and c:\programdata\microsoft\windows\drm\b3b8.tmp . Any ideas on what these are/ where they came from is greatly appreciated so I can avoid them in the future. Thanks!
-
Edited by Wyldfyre: 1/21/2013 12:15:28 AMThey're self installing malware droppers. They're Trojan horses. They display advertisements, change search results and open "back doors" to your system for other types of malware. They're also known as 28C6.TMP, B3B7.TMP, Alureon, TDSS and TDL. They originate from Portugal and Poland. Don't worry about it if your AV says they're cleared now though. Stuff like that just drops off the internet sometimes, you can't really help it.