Detect Date | 01/11/2002 |
Class | Trojan-PSW |
Platform | Win32 |
Description |
Technical DetailsThis Trojan is one of a family of Trojans which steals user passwords. It is designed to steal confidential data. It is a Windows PE EXE file. The file is 9,728 bytes in size. It is written in Visual C++. PayloadThe Trojan changes the values of the following system registry keys: [HKCUSoftwareMirabilisICQAgentAppsICQ] [HKCUSoftwareMirabilisICQAgent] The Trojan uses WnetEnumCachedPasswords to harvest information about modem connections used by the system to access the Internet and passwords for these connections. The Trojan sends harvested data to the remote malicious user’s email address: lenin*****@usa.net The Trojan uses mail.computer.com to send outgoing messages Removal instructionsIf your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
|
Find out the statistics of the threats spreading in your region |