 Questo tool per di rimuovere il trojan Gromozon, compresi il rootkit ed il LinkOptimizer. Di seguito un estratto dal sito del produttore del tool:
What is Gromozon and how did it manage to bypass my current security tools?
Unfortunately Gromozon is not a single infection, but a blended attack designed to bypass traditional anti-malware tools. The end result meaning that the machine is not only infected by several well known Trojans but also a highly dangerous Rootkit. Traditional AV vendors are at the moment dealing with the known infections but overlooking the rootkit.
The path of infection is thus:
• On visiting an infected website an obfuscated JavaScript is run.
• The user is forwarded to another site which contains a further obfuscated JavaScript. This connects to a network of websites which are used to launch the infection routine. These websites are constantly changing and since May 2006 have become considerably more numerous
• A server side script is run to analyse the user agent (web browser) under which the user is visiting. Different attack methods are then launched depending on whether the user is running Opera, Firefox or Internet Explorer.
For Internet Explorer, the victim is presented with the option to install an ActiveX control called FreeAccess.ocx This is actually copied into the Windows system32 folder as a randomly named DLL.
Firefox and Opera undergo a very clever piece of social engineering. What appears to be a link to www.google.com is presented to the victim. This unfortunately is not a hyperlink but in fact a cleverly hidden .com file. Once accepted and run, a randomly named DLL is again installed to the windows system32 folder.
• Once the DLL agent is installed, various pieces of Adware are downloaded and installed onto the machine. Examples are the Bravesentry and LinkOptimizer Trojans. The real payload is then downloaded to the victim´s computer. Both a Rootkit and service component are installed along with a hidden windows user account. The main purpose of this is to enable the Adware which was previously installed to be hidden from any Anti-malware tools installed on the machine
Disclaimer: Dinox PC non si assume nessuna responsabilità da danni derivanti dall´improprio uso del software scaricato dal sito www.dinoxpc.com. Leggere le eventuali avvertenze incluse nei programmi dal produttore stesso, prima di usare il software. |
Informazioni
Tutto su questo software
|
|
|
| Versione |
1.0
|
| SO |
Windows NT, 2000, XP
|
| Produttore |
PREVX
|
| Dimensioni |
70,6 KB
|
| Scaricato |
750 volte
|
| Ultimo download |
28.07.2010
|
|
|
|
Tool ricerca per Firefox 2
Tool ricerca per IE7
Dinox PC nei preferiti
Dinox PC come homepage
)
