VirTool:Win32/Konboot is a utility that allows a user to log on and gain access to a computer without requiring authenticated user logon credentials.
At the time of this writing, Konboot is available as an archive containing an image file named "cd-konboot-v1.1-2in1.iso". The .ISO image is then used to create a bootable image on either CD-ROM or USB removable drive. Booting a computer using the boot image allows a user to log on to a user account without knowing the logon credentials.
After logging on, a user could make changes to the computer such as modifying the logon credentials or other actions.
When booting the computer and starting Windows, VirTool:Win32/Konboot alters the Windows kernel. This can have the effect of destabilizing the applications or the operating system or – in more extreme cases – crashing the operating system resulting in data loss.
Analysis by Aaron Hulett
Alert notifications or detections of this malware from installed antivirus or security software may be the only symptom.