Protector Plus Download Antivirus
Home
Download Antivirus
Antivirus Products
Order Antivirus


Antivirus Software for Windows XP/2000/2003
Antivirus Software for Windows Me/98
Antivirus Software for Exchange 2000/2003
Antivirus Software for NetWare

W32/OnLineGames.PRS Trojan

Name W32/OnLineGames.PRS Trojan
Aliases Trojan-PSW.Win32.OnLineGames.prs, PWS-LegMir.gen.k, W32/Lineage.HHE.worm, W32.Gammima.AG
Discovered on March 19, 2008

 Virus Information - W32/OnLineGames.PRS Trojan:

W32/OnLineGames.PRS is a password stealing trojan. The trojan will infect Windows systems.

Upon execution, the trojan drops the following files:

tavo0.dll in the Windows System folder,
kavo1.dll in the Windows System folder,
kavo.exe in the Windows System folder,
tavo.exe in the Windows System folder,
8oc.dll in the Current User's temp folder,
lbq7cc.dll in the Current User's temp folder,
7x.dll in the Current User's temp folder.

It also copies nncu6kk.com, i8.com and autorun.inf in all drives. When ever a drive is accessed i8.com will be executed.

The trojan modifies registry at the following location to load itself during each startup;

HKEY_USERS\S-1-5-21-1004336348-413027322-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\kava
HKEY_USERS\S-1-5-21-1004336348-413027322-682003330-500\Software\Microsoft\Windows\CurrentVersion\Run\tava

The trojan also attempts to connect to remote web-sites to download malicious files.

Anti virus for Windows Download Now!

Home Page Download Antivirus Antivirus Products Order Antivirus

Copyright © 2008 Proland Software.All rights reserved

antivirus software, anti virus software, anti virus, download antivirus, download anti virus, free antivirus, free anti virus, antivirus, download, free, windows, windows xp, xp, sp2, windows me, windows 2000, 98, 95, nt, me, 2003, netware, anti-virus, virus, worm, trojan, protector, plus, proland, virus software, spyware