Английская Википедия:AFX Windows Rootkit 2003
Материал из Онлайн справочника
Шаблон:Short description AFX Windows Rootkit 2003 is a user mode rootkit that hides files, processes and registry.
Installation
When the installer of the rootkit is executed, the installer creates the files iexplore.dll and explorer.dll in the system directory. The iexplore.dll is injected into explorer.exe, and the explorer.dll is injected into all running processes.
Payload
The injected DLLs hooks the Windows API functions to hide files, processes and registry.
References
Encyclopedia entry: Trojan:Win32/Delf.M - Learn more about malware - Microsoft Malware Protection Center Шаблон:Malware-stub