Home / malwarePDF  

Other:W32/Stealth_file


First posted on 26 April 2010.
Source: SecurityHome

Aliases :

There are no other names known for Other:W32/Stealth_file.

Explanation :

The file appears to be suspicious, is potentially undesirable, or may be structured in a way or has characteristics that resembles known malware. This may indicate the presence of a malware infection, or that the suspect file is malicious.

Additional DetailsA hidden item was found on the computer. Hidden processes, files and applications are by default treated as suspicious items. The presence of these items can indicate the following:

€ A normal, non-malicious application might be hidden for some reason OR € Malware (a stealth virus, rootkit or spyware) may be hiding on the computer
There are many malicious and non-malicious reasons why items can be hidden on the computer:

XCP Digital Rights Management (DRM) software
Copyright-protection software included on some music CDs in order to hides files and processes.
Backdoor:W32/Haxdoor:
This backdoor hides important system files, which are not malicious themselves. € Mebroot:
This is a family of spyware that hides files and processes.

Sending A Sample to F-Secure (Advanced users)

Since hidden items are often related to malware, we ask that you consider sending us a sample of the hidden files. Please follow the instructions on submitting samples. Since the files are hidden, you might not be able to access them directly. To access the files, you might need to do one of the following:

€ Start your computer in Safe Mode. In safe mode, the files may become visible. € Rename the files. After renaming the files and restarting the computer, the files may become visible.
In some cases, the computer must be started in safe mode after renaming for it to be successful. € Reboot your system using Windows Recovery Console. The files may be accessible via the Recovery Console.
Once obtained, you can forward the samples to our Security Labs via the Sample Analysis System:
€ Sample Analysis System

Last update 26 April 2010

 

TOP