|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| Malware Advisories (RSS) Malware Security Advisories Via RSS |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Pe_trats.a-o | iBot | Malware Advisories (RSS) | 0 | 12-31-2007 07:20 AM |
| Pe_trats.a-o | iBot | Malware Advisories (RSS) | 0 | 12-30-2007 11:10 PM |
 |
|
|
Submit Tools | LinkBack | Thread Tools | Display Modes |
|
#1
12-29-2007
|
||||
|
||||
|
Pe_trats.a-o
This file infector may be dropped by other malware.It may be downloaded unknowingly by a user when visiting malicious Web sites.
It registers itself as a Browser Helper Object (BHO) to ensure its automatic execution every time Internet Explorer is run by creating registry keys/entries.It modifies registry entries to enable its automatic execution at every system startup. It drops a DLL component file detected by Trend Micro as TROJ_TRATS.A which is injected into certain running processes to remain memory resident. It infects EXE files by placing victim files between its own code and TROJ_TRATS.A then replaces the original file. When one of infected files is executed, it drops the original victim file in the current path and executes it normally. More... 
|
||||
| Google The UNIX and Linux Forums |
| Forum Sponsor | ||
|
|
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
