Security [CENTRAL] Forum - SCforum.info
23. May 2012., 17:29:32 *
Welcome, Guest. Please login or register.

Login with username, password and session length

SCforum.info - Security [CENTRAL] Forum

↑ Grab this Headline Animator

Custom Search
News: For ultra cheap bullet proof vests, hard armor ballistic plates or for advice on body armor in general visit SafeGuardClothing.com
 
  Home Help Chess Links Login Register   *

SCforum.info


furniture store



SCF Friends
SCF Portal Stats
Members
Total Members: 11256
Latest: rbraik
Stats
Total Posts: 15635
Total Topics: 4336
Online Today: 2742
Online Ever: 51419
(01. January 2010., 10:27:49)

SCF UnSpam

Top Ten Antivirus Software

Friend of WOT


SCF Feedburner

SCF Facebook

SCF Twitter

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here and wait for approval from Administrator. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply browse Forum. Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)





Security [CENTRAL] Forum - SCforum.info > World TOP Headlines: > Latest Security News & Alerts (Moderators: neerajrawat1, jheysen) > Topic: New trojan atack on Windows help (Muster.e, imepaden.hlp, upgraderU.exe)
Pages: 1
« previous next »
  Print  
Author Topic: New trojan atack on Windows help (Muster.e, imepaden.hlp, upgraderU.exe)  (Read 2385 times)
0 Members and 2 Guests are viewing this topic.
Samker
SCF Administrator
*****

KARMA: 86
Gender: Male
Location: Europe
Posts: 5077


Whatever doesn't kill us makes us stronger.

Google Talk
WWW
« on: 03. February 2010., 07:30:17 »


Security researchers have spied malware that stashes a copy of itself in a Windows help file to ensure victim computers remain infected.

The trojan, dubbed Muster.e by anti-virus provider McAfee, infects a Windows file called imepaden.hlp so it stores the main components of the malware in encrypted form. In the event the installed malware is removed, the secret payload is decrypted into an executable file called upgraderUI.exe and run by a companion installation file that automatically runs as a Windows service.

"This is hiding in plain site," said Craig Schmugar, a threat researcher at McAfee Labs. "The help file trick is pretty new to us. Usually on the client, we don't see this very often."

The technique ensures Muster.e remains installed on an infected PC even if most of the files associated with the malware are removed. No doubt it's also perplexed its share of users who for the life of them can't figure out how their PCs keep getting reinfected.

McAfee has more here: http://www.avertlabs.com/research/blog/index.php/2010/02/02/be-careful-on-help-files/

(Register)
Logged
~

SCF "Remote PC Assist": http://scforum.info/index.php/topic,3067.0.html

~~~
Security [CENTRAL] Forum - SCforum.info
« on: 03. February 2010., 07:30:17 »


 Logged
Pages: 1
  Print  
Security [CENTRAL] Forum - SCforum.info > World TOP Headlines: > Latest Security News & Alerts (Moderators: neerajrawat1, jheysen) > Topic: New trojan atack on Windows help (Muster.e, imepaden.hlp, upgraderU.exe)
 « previous next »
 
Jump to:  

Enter your email address to receive daily email with 'SCforum.info - Security CENTRAL Forum' newest content:

Terms of Use | Privacy Policy | Advertising
Powered by MySQL Powered by PHP Powered by SMF | SMF © 2011, Simple Machines
TinyPortal © Bloc 		Valid XHTML 1.0! Valid CSS!


Google visited last this page 09. May 2012., 10:34:48