|
Description:
This Trojan may be dropped by other malware.
It may arrive bundled with malware packages as a malware component.
It may be downloaded unknowingly by a user when visiting malicious Web sites.
It enumerates all the CLSIDs present under a specific registry key. It then modifies the data of the values NameServer and DhcpNameServer of all the CLSIDs that it finds. If it does not find the value NameServer or DhcpNameServer, it creates the said values.
After performing its malicious routines, it then renews the IP address of the affected system using a certain command.
It deletes itself after execution.
For additional information about this threat, see:
Solution
Technical Details
Description created: Jul. 15, 2009 3:06:23 AM GMT -0800
Search a new malware
Tell us how we did. Take our quick survey.
|
Save & Share
