Home / malware VirTool:DOS/Konboot
First posted on 04 March 2010.
Source: SecurityHomeAliases :
VirTool:DOS/Konboot is also known as not-a-virus:PSWTool.Boot.KonBoot.a (Kaspersky), BOOT.GENERIC (Trend Micro), Kon Boot (other).
Explanation :
VirTool:Win32/Konboot is a utility that allows a user to log on and gain access to a computer without requiring authenticated user logon credentials.
Top
VirTool:Win32/Konboot is a utility that allows a user to log on and gain access to a computer without requiring authenticated user logon credentials. InstallationAt the time of this writing, Konboot is available as an archive containing an image file named "cd-konboot-v1.1-2in1.iso". The .ISO image is then used to create a bootable image on either CD-ROM or USB removable drive. Booting a computer using the boot image allows a user to log on to a user account without knowing the logon credentials. After logging on, a user could make changes to the computer such as modifying the logon credentials or other actions. Additional InformationWhen booting the computer and starting Windows, VirTool:Win32/Konboot alters the Windows kernel. This can have the effect of destabilizing the applications or the operating system or €“ in more extreme cases €“ crashing the operating system resulting in data loss.
Analysis by Aaron HulettLast update 04 March 2010
