Class Trojan-PSW
Platform Win32

Technical Details

This Trojan program is designed to steal user passwords. This Trojan is a Windows PE EXE file. It is 155 648 bytes in size.


The Trojan harvests parameters to all remote connections installed on the system (user name, password, number to be called to establish a connection). Harvested data is saved to the following log file:


The log file is sent to the following email addresses:


Removal instructions

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

  1. Use Task Manager to terminate the Trojan process.
  2. Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
  3. Delete the following file:
  4. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
Find out the statistics of the threats spreading in your region