Home / malware

PDF

VirTool:WinNT/Gearclop.A

First posted on 08 June 2010.
Source: SecurityHome

Aliases :

There are no other names known for VirTool:WinNT/Gearclop.A.

Explanation :

VirTool:WinNT/Gearclop.A is a trojan component installed by Win32/Gearclop. Its purpose is to send keystrokes to dismiss alert windows displayed by security software.
Top

VirTool:WinNT/Gearclop.A is a trojan component installed by Win32/Gearclop. Its purpose is to send keystrokes to dismiss alert windows displayed by security software. InstallationVirTool:WinNT/Gearclop.A is installed by Trojan:Win32/Gearclop.gen!C as the following: %temp%\kslfdd.sys Payload Dismisses security software detection alertsThe dropped component "kslfdd.sys" is used by Trojan:Win32/Gearclop.gen!C to send keystrokes to dismiss alert windows from antivirus and firewall software.

Analysis by Chun Feng

Last update 08 June 2010

 

TOP