Content
PWS-Satiloler.d
- Type
- Trojan
- SubType
- Password Stealer
- Discovery Date
- 08/31/2006
- Length
- Varies
- Minimum DAT
- 4842 (08/31/2006)
- Updated DAT
- 5110 (08/31/2007)
- Minimum Engine
- 5.1.00
- Description Added
- 08/31/2006
- Description Modified
- 09/04/2006 9:50 PM (PT)
Tab Navigation
Characteristics
This detection covers a modified (or patched) SFC.DLL, or SFC_OS.DLL file. Such a modification is a likely indication that some other piece of malicous code has run on the infected system.
Symptoms
Windows File Protection rendered ineffective.
Method of Infection
Several different pieces of malware can be responsible for patching SFC.DLL or SFC_OS.DLL
Removal
All Users:
Use current engine and DAT files for detection and removal.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).
Variants
Variants
N/A
All Information
Overview -
This detection covers a modified (or patched) Windows File Protection component. Malware patches this component in order to infect Windows protected files without triggering a Windows File Protection alert.
Aliases
- PatchedSFC
Characteristics
Characteristics -
This detection covers a modified (or patched) SFC.DLL, or SFC_OS.DLL file. Such a modification is a likely indication that some other piece of malicous code has run on the infected system.
Symptoms
Symptoms -
Windows File Protection rendered ineffective.
Method of Infection
Method of Infection -
Several different pieces of malware can be responsible for patching SFC.DLL or SFC_OS.DLL
Removal -
Removal -
All Users:
Use current engine and DAT files for detection and removal.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A
