Troj/PWS-ACP

Category: Viruses and Spyware Protection available since:17 Oct 2006 00:00:00 (GMT)
Type: Trojan Last Updated:17 Oct 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/PWS-ACP is a password stealing Trojan for the Windows platform.

Troj/PWS-ACP includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/PWS-ACP also attempts to terminate a number of AV and security related processes.

When first run Troj/PWS-ACP copies itself to:

<Temp>\116501456
<System>\ravseteyns.exe

Troj/PWS-ACP creates the file <System>\winsylbtew.dll. This is in fact a text file, and may safely be deleted.

The following registry entry is created to run ravseteyns.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Rapdatybs
<System>\ravseteyns.exe

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy