![]() |
|
|
|
|
|||||||
| Forums | Portal | Register | Forum Rules | FAQ | Contribute | Members List | Arcade | Search | Today's Posts | Mark Forums Read |
| Malware Advisories (RSS) Malware Security Advisories Via RSS |
|
|
Submit Tools | LinkBack | Thread Tools | Display Modes |
|
#1
|
||||
|
||||
|
Bkdr_protux.ar
This backdoor may be dropped by other malware, specifically TROJ_WORDROP.A.
Upon execution, this backdoor drops several files. Once a certain file is executed, it drops more files into the system. The time and date stamp of a non-malicious file is copied to a dropped DLL file. It then modifies a registry entry to enable the dropped DLL file to run on every windows start up. This backdoor opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, a remote user may be able to execute the following commands on the affected system: However, due to an error in its code, it fails to perform these backdoor routines. More... |
||||
| Google The UNIX and Linux Forums |
| Forum Sponsor | ||
|
|