Tuesday, March 08, 2005

SimplyTech

SimplyTech:
"The main problem is that the malware creates a lot of registry entries and it goes in execution at the start of the pc widing itself in RAM and deleting its own *.exe from the C:\Windows\System32 directory.
When the ordinary tools try to remove it, they only clean the registry calls, the C:\Windows\EliteToolbar directory and the cabinets files where it has been originated the first time, but they don't take any actions against the malware itself that is currently running in RAM memory and is waiting for the pc O.S. to be shutted down to repeat the infestation from the back!"

No comments: