BitDefender Antivirus

Application.Evid.M

(HackerTool/Evid, HackTool/EvID, EvID4226, Riskware.Tool.EvID4226.A)
Spreading: low
Damage: low
Size: ~40KB
Discovered: 2007 Nov 24

SYMPTOMS:

TCPIP.SYS was altered

TECHNICAL DESCRIPTION:

This application modifies the system file tcpip.sys in order to allow an increased number of TCP connections.
While some users might find this useful (especially those who use P2P applications), malware can also benefit from the increased number of allowed connections, which makes every modified system more vulnerable to malware threats.

REMOVAL INSTRUCTIONS:

Restore the tcpip.sys file from your Microsoft Windows installation CD.

ANALYZED BY:

Marius Vanta, virus researcher