Class Trojan
Platform Win32

Technical Details

this text was written by Alexey Podrezov, Data Fellows Ltd

This Trojan does not destroy anything, but is very annoying. It copies its
link to a start-up folder to be run during Windows bootup, does not allow it to
“kill” its task, and makes itself known every time. It is pretty hard to remove,
because it blocks its application and VB DLL, re-creates its link in
the start-up directory or even the whole directory if deleted. Upon attempting to
kill its task, the Trojan opens several more essences of itself as
‘punishment’. To remove this Trojan, you need to put the following command
in the beginning of your AUTOEXEC.BAT file in root C: folder:


Find out the statistics of the threats spreading in your region