Troj/VB-ELW is a Trojan for the Windows platform.
Troj/VB-ELW includes functionality to:
- run automatically
- steal confidential information
- access the internet and communicate with a remote server via HTTP
Troj/VB-ELW communicates via HTTP with the following locations:
google . com . br
When Troj/VB-ELW is installed, it creates the file <Windows>\Mstectf.log (a kind of crash dump) and the file <Windows>\Trenzi.log.
It also copies itself (in part) to <SystemRoot>\system32\aecces.exe and creates the following registry entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Machine Works, Inc."
"<SystemRoot>\system32\aecces.exe"
Troj/VB-ELW also drops a fake "Adobe Flash Player" (as a BHO) into <SystemRoot>\system32\flashdob.dll.
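A read-only host check for the artifacts listed above, added here as an example and not part of the original description or any vendor tooling. The SysWOW64 and WOW6432Node locations and the Browser Helper Objects registry key are standard Windows locations assumed for the check rather than stated above, and `New-Hit` is a hypothetical helper name.

```powershell
# Added triage example (read-only). Assumption: <Windows> and <SystemRoot>
# in the description both resolve to $env:SystemRoot on the host being checked.
$root = $env:SystemRoot
$hits = @()
function New-Hit($Type, $Location, $Detail) {
    [pscustomobject]@{ Type = $Type; Location = $Location; Detail = $Detail }
}

# Dropped files. SysWOW64 is included because a 32-bit process on 64-bit
# Windows has its system32 writes redirected there.
$names = 'Mstectf.log', 'Trenzi.log', 'System32\aecces.exe', 'System32\flashdob.dll',
         'SysWOW64\aecces.exe', 'SysWOW64\flashdob.dll'
foreach ($n in $names) {
    $f = Get-Item -LiteralPath (Join-Path $root $n) -Force -ErrorAction SilentlyContinue
    if ($f) { $hits += New-Hit 'File' $f.FullName "created $($f.CreationTimeUtc.ToString('u'))" }
}

# Registry: native and 32-bit (WOW6432Node) views of HKLM.
$views = @(
    @{ Sw = 'HKLM:\SOFTWARE'; Clsid = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ Sw = 'HKLM:\SOFTWARE\WOW6432Node'; Clsid = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID' }
)
foreach ($v in $views) {
    # Run value named "Machine Works, Inc." or any Run value launching aecces.exe
    $runPath = "$($v.Sw)\Microsoft\Windows\CurrentVersion\Run"
    $run = Get-Item -LiteralPath $runPath -ErrorAction SilentlyContinue
    if ($run) {
        foreach ($name in $run.GetValueNames()) {
            $data = [string]$run.GetValue($name)
            if ($name -eq 'Machine Works, Inc.' -or $data -match 'aecces\.exe') {
                $hits += New-Hit 'RunValue' "$runPath [$name]" $data
            }
        }
    }
    # Browser Helper Objects whose COM server DLL is flashdob.dll
    $bhoPath = "$($v.Sw)\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
    foreach ($bho in @(Get-ChildItem -LiteralPath $bhoPath -ErrorAction SilentlyContinue)) {
        $srv = Get-ItemProperty -LiteralPath "$($v.Clsid)\$($bho.PSChildName)\InprocServer32" -ErrorAction SilentlyContinue
        $dll = [string]$srv.'(default)'
        if ($dll -match 'flashdob\.dll') { $hits += New-Hit 'BHO' $bho.PSChildName $dll }
    }
}

if ($hits) { $hits | Format-Table -AutoSize -Wrap } else { 'No Troj/VB-ELW artifacts from this description were found.' }
```

The script only reads the file system and registry; a hit on a file name alone should be confirmed with the Run value or BHO registration before treating the host as infected.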