Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


Posts Tagged ‘patched’
June 11th, 2009

What is Win32:Patched [Trj]

A patch is a utility that can be used to change a few bytes in the original file. It’s usually used to bypass license validation or to enable a hidden function. These patches are normally used with the knowledge and agreement of the user. However, another group of patches is actually malware which is used to perform the same functions without the user’s knowledge or agreement. In this case, system files are patched to gain backdoor access to a system (i.e. by changing the startup key to run the malware after booting). These files are detected by avast! as Win32:Patched.

The difference between file infectors (viruses) and patches is shown in the picture below. Patches just change a few bytes and can’t spread themselves. File infectors infect (patch) the victim file and add a virus body to perform a malicious action and can infect other files.

Different between Patcher x File infector

Differences between Patcher x File infector

Read more…

Categories: lab Tags:
Comments off