Home » Security News » Vulnerabilities » Trojan “Plays” With Install Files

Trojan “Plays” With Install Files

McAfee recently announced about the malware that attempts to hide its contagion in a quite exceptional way. At this point it is not a technical issue. The malicious software is able to hide its copy in a Windows help file to convince users their computers were infected.

“Muster” is a group of backdoor which has an ability to hide themselves under the help files. The help files or “.hlp” files are information files created to be run through with Microsoft WinHelp browser. At this point it is needed to provide online helps for applications users.

A recent variant Muster.e is dubbed to ant-virus provider McAfee. For that reason the Trojan infects a Windows file named as imepaden.hlp and collect the malicious content under the encrypted form. At the process the installed malware is removed but the unknown payload is renamed into an executable file named upgraderUI.exe. As a result, it is run by an affiliated installation file that runs automatically as Windows service.

Notice, that Muster.e stays installed on an infected computer. Furthemore, it does not disapear if most of the files are connected with malicious software are removed. It is suggested by McAfee to add help files if there any suspisious mind that PC may be infected.

February 5, 2010 | Vulnerabilities, trojan, muster, mcafee, microsoft, malware

More Vulnerabilities news

A Bug Found in OpenSSL

A Bug Found in OpenSSL

A “severe vulnerability” was found in the OpenSSL. Computer researcher's used software encryption package that allows them to rebuild a machine's confidential cryptographic key. The flaw in OpenSSL is important because the open-source package is used to protect sensitive data all over the world. Read more.


News categories

Latest news

Antispyware Software