Troj/Banito-BE

Category:	Viruses and Spyware	Protection available since:	18 Oct 2006 00:00:00 (GMT)
Type:	Trojan	Last Updated:	18 Oct 2006 00:00:00 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Summary
More information

Troj/Banito-BE is a backdoor Trojan for the Windows platform.

Troj/Banito-BE connects to a remote site and then awaits commands from a remote user.

The Trojan includes includes a keylogging component that records user keystrokes.

When installed the Trojan copies itself to the <Windows>\wintask.exe and creates the <Windows>\sysxx32.ss file where xx are random characters. This file is a log file and may be safely deleted.

Troj/Banito-BE may set an entry in the registry at the following location to run the main component on system startup:

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\ActiveX Key
StubpatH
<Windows>\wintask.exe

Try Sophos products for free
Download now

Troj/Banito-BE

Free Mac Anti-Virus

Popular topics