Home / malware Trojan:W32/Patched
First posted on 28 September 2009.
Source: SecurityHomeAliases :
There are no other names known for Trojan:W32/Patched.
Explanation :
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Additional DetailsTrojan:W32/Patched is a detection for files (usually Windows components) that are patched by a malicious application.
The purpose of patching varies. For example, some malware will patch system components in order to disable security, such as the Windows Safe File Check feature; others will add malicious code to a system component and then patch certain functions of the original file to point to the added code.
The most frequently patched components are:
  • winlogon.exe   • wininet.dll   • kernel32.dll   • iexplore.exe
Note
Achtung: False Positive Notification
The 2008-11-04_04 database contained a false positive on a German language Windows XP Service Pack 2 file called User32.dll located in the C:WINDOWSsystem32 folder. The detection was named Trojan.Win32.Patched.dn and is resolved in the 2008-11-04_06 update.
If you were alerted to Trojan.Win32.Patched.dn, please make sure that you have the most current update, and that User32.dll has not been renamed.Last update 28 September 2009
