Bkdr_nornod.a

04-03-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

Bkdr_nornod.a

This backdoor may be dropped by other malware, specifically by TROJ_PIDIEF.AW.
It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys/entries. It creates registry key(s)/entry(ies) as part of its installation routine.
It opens ports where it listens for remote commands.
It drops files.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

startup(7) Miscellaneous Information Manual startup(7) NAME
startup - event signalling system startup SYNOPSIS
startup [ENV]... DESCRIPTION
The startup event is generated by the Upstart init(8) daemon after it has completed its own initialisation and is the signal that the rest of the system may be started. Typically this will involve checking and mounting the partitions and drives that form the filesystem, loading drivers for connected devices and starting the X windowing system or other login environment. In the default Upstart configuration, the primary task run on the startup event is the /etc/init/rc-sysinit.conf job responsible for gener- ating the System V compatible runlevel(7) event. See that page for a more detailed explanation of this process. Paradoxically there is currently no corresponding Upstart-native event signifying that the system is to be shutdown, only the System V com- patible runlevel 0 and runlevel 6 events provide this functionality. EXAMPLE
A service with no other dependencies run on startup might use: start on startup SEE ALSO
runlevel(7) init(8) Upstart 2009-07-09 startup(7)

Malware Advisories (RSS)

Bkdr_nornod.a

LEARN ABOUT SUSE

startup