検索:
ホーム   »     »   Rootkit Installs Itself as a BHO

Rootkit Installs Itself as a BHO

  • 投稿日:2006年9月15日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Browsers are often used as platforms by spyware and adware in order to execute. By installing themselves as browser helper objects, spyware and adware give themselves a chance to execute whenever the user fires up the browser to do some web surfing.

But this technique is no longer exclusive to such malicious programs. A rootkit can also register itself as a BHO in the case of TROJ_LINKOPTIM.G. Based on initial analysis, this Trojan is the rootkit component of TROJ_RKDICE.H. TROJ_LINKOPTIM.G connects to several URLs containing scripts that may compromise security on the affected system. As a security measure, these URLs are blocked from access. The Trojan also uses a dose of social engineering when it present itself as a Network Monitor API of Microsoft which is clearly a bogus claim.

A solution for this threat has already been deployed in CPR 3.748.06.

No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.