Pakes.ARD_2 is a Trojan. A Trojan is a program that pretends to have a valid use, but in fact modifies the user's computer in malicious way. Trojans do not replicate or spread to other computers. Pakes.ARD_2 is compressed using the executable packer and its file size is 94,208 bytes. Pakes.ARD_2 drops the following files on the hard drive: - C:\WINDOWS\TEMP\id.sys (21843 bytes)
- C:\WINDOWS\TEMP\5d5rlo.dll (32566 bytes)
It also contains anti-debugging code, monitors the list of running processes, attempts to acquire the "SeDebugPrivilege" privileges,
|
