Application.Evid.M
LOW
LOW
~40KB
(HackerTool/Evid, HackTool/EvID, EvID4226, Riskware.Tool.EvID4226.A)
Symptoms
TCPIP.SYS was altered
Removal instructions:
Restore the tcpip.sys file from your Microsoft Windows installation CD.
Analyzed By
Marius Vanta, virus researcher
Technical Description:
This application modifies the system file tcpip.sys in order to allow an increased number of TCP connections.
While some users might find this useful (especially those who are using P2P applications), malware programs can also benefit from the increased number of allowed connections, every modified system being more vulnerable to malware threats.
SHARE
THIS ON