Parent class: TrojWare
Trojans are malicious programs that perform actions which are not authorized by the user: they delete, block, modify or copy data, and they disrupt the performance of computers or computer networks. Unlike viruses and worms, the threats that fall into this category are unable to make copies of themselves or self-replicate. Trojans are classified according to the type of action they perform on an infected computer.Class: Trojan
A malicious program designed to electronically spy on the user’s activities (intercept keyboard input, take screenshots, capture a list of active applications, etc.). The collected information is sent to the cybercriminal by various means, including email, FTP, and HTTP (by sending data in a request).Read more
Platform: Win32
Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.Description
Technical Details
this text was written by Alexey Podrezov, Data Fellows Ltd
This Trojan does not destroy anything, but is very annoying. It copies its link to a start-up folder to be run during Windows bootup, does not allow it to "kill" its task, and makes itself known every time. It is pretty hard to remove, because it blocks its application and VB DLL, re-creates its link in the start-up directory or even the whole directory if deleted. Upon attempting to kill its task, the Trojan opens several more essences of itself as 'punishment'. To remove this Trojan, you need to put the following command in the beginning of your AUTOEXEC.BAT file in root C: folder:
DEL C:WINDOWSSTARTM~1PROGRAMSSTARTUPHECKLER.LNK
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com