Welcome to the Virus Encyclopedia of Panda Security.
It has rootkit functionalities in order to remain hidden in the system and avoid its detection. When users access any website, another website is displayed before, preventing users to access it straightly. It reaches the computer passing itself off as a flash update in an email message.
|First detected on:||Dec. 1, 2009|
|Detection updated on:||Dec. 3, 2009|
TDSS.CZ is a Trojan with rootkit characteristics which allow it to remain hidden in the system and avoid its detection. For example, when it is run, the file disappears from the path where it has been copied, though it's not really so, the file has just hidden itself.
Additionally, when users access any website, before it is opened, another website is displayed preventing users to access it straightly.
TDSS.CZ reaches the computer passing itself off as a flash update in an email message as an attached file or that contains a link to a website from which it is downloaded.
TDSS.CZ is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
However, when users are browsing through the Internet and access any website, before the website is displayed, an Internet Explorer window like the following is opened, indicating that the website cannot be displayed:
The website users attempt to access is opened, but the image of the website above is displayed before, preventing users from viewing the page they want to access.>