Troj/PWS-ATU

Category: Viruses and Spyware Protection available since:18 Sep 2008 12:26:13 (GMT)
Type: Trojan Last Updated:18 Sep 2008 12:26:13 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/PWS-ATU steals internet account details and sends them to a preconfigured email address.

When first run, Troj/PWS-ATU copies itself to ctfmgr.exe in the Windows folder and creates the following registry entry in order to be run automatically:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ctfmgr
<Windows>\ctfmgr.exe

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy