Start to remove RemoteAccess:Win32/BackOrifice2000 now!
RemoteAccess:Win32/BackOrifice2000 description and removal instruction

RemoteAccess:Win32/BackOrifice2000

Free RemoteAccess:Win32/BackOrifice2000 Scan

Technical information
Payload
Removal instructions

Technical information

The RemoteAccess:Win32/BackOrifice2000 will install rogue security software Simnet Disk Cleaner 2011 into the affected machines without users knowledge. The RemoteAccess:Win32/BackOrifice2000 file size is 26624 bytes.

Payload

Once launched, the RemoteAccess:Win32/BackOrifice2000 performs the following actions:

  • Download rogue security tool Simnet Disk Cleaner 2011 from the following domains:
    http://www.simnetsoftware.com/products/simnet-disk-cleaner.html
  • Modify the properties of the following files:
    %SYSTEMROOT%:\WINDOWS\winsxs\amd64_microsoft-windows-tdi-driver_31bf3856ad364e35_6.1.7600.16385_none_c2e33a334fa77fd1\\tdi.sys

    (26624 bytes; detected by HitMalware as " RemoteAccess:Win32/BackOrifice2000")
  • Removal instructions

    If your machine doesn't have antivirus/antispyware, please take the following steps to resolve the problems caused by RemoteAccess:Win32/BackOrifice2000:

    1. Replace the infected file tdi.sys for free by using tdi.sys repair tool - DLL Suite. See how to replace tdi.sys by using DLL Suite.

    2. Perform a full RemoteAccess:Win32/BackOrifice2000 scan by using the latest antivirus/antispyware HitMalware.
    (Download Trial Version Now)

    MD5: 55251835525183


    How to replace tdi.sys by using DLL Suite

  • Download DLL Suite, install and run
  • Click "Start Scan" button to check tdi.sys file
  • Choose tdi.sys and click "More Information"
  • Download tdi.sys for free from the open web page
  • Save tdi.sys to its default folder to replace infected tdi.sys file.
  • Download RemoteAccess:Win32/BackOrifice2000 Removal Tool Now

    Download RemoteAccess:Win32/BackOrifice2000 Removal Tool Now