Sophos

Troj/Pushdo-Gen

Category
Type
What to do
Prevalence low high

Summary

 
Affected operating systems Windows
Characteristics
  • Drops more malware
Protection available since 3 August 2007 06:57:50 (GMT)
Last updated 8 August 2008 04:50:34 (GMT)
Detected by All Sophos products
  • Free virus, spyware, and adware scan
  • Test your existing anti-virus protection
  • Find threats your anti-virus missed

Action

More Information

Troj/Pushdo-Gen is a family of Trojans for the Windows platform.

When members of Troj/Pushdo-Gen are installed they drop and run a further file in memory, usually detected as Troj/Pushu-Gen or Mal/Basine-C. This may then drop further files, including some of the following:

<Windows>\system32\drivers\ip6fw.sys
<Windows>\system32\drivers\netdtect.sys
<System>\drivers\runtime.sys
<System>\drivers\secdrv.sys

These files are used to provide stealthing for the Trojan.

The dropped file in memory will also often attempt to inject further code into Internet Explorer.

RSS|Atom
Get reports about the latest virus and spyware threats delivered to your computer