Home>Trojan Programs>PSW Trojans>

Trojan.PWS.OnlineGames.ZKH

Alert Level :	medium
Discovered:	2008Jul29
Tag:	Trojan   PWS
Discoverer and Source:	http://www.bitdefender.com/

Malware Behavior and Technical Description

- the presence of an executable file named wooooooh.exe and a dll file woooooo.dll in %SYSDIR%
- the presence of nt_fast32.dll in %TEMPDIR%
- the presence of the following value in the AppInit_DLLs registry key
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\
Name --> AppInit_DLLs
Value --> woooooo.dll

This malware is used to steal user information from online games as qqlogin.exe hx2game.exe and others. The dll file will be injected in every running process. If you run one of the mentioned games it will send user data to a chinese server.
The malware that drops this file is detected by Bitdefender as Trojan.PWS.OnlineGames.ZAY.

Removal Trojan.PWS.OnlineGames.ZKH instructions:

Please let BitDefender delete your files.

Need help? Live computer support via remote at SupportSpace.Help with printer problems, windows, hardware, software, spyware removal and more. - Go Now!

Great Anti-Virus Software : Kaspersky Internet Security 2009 Save 35% Buy Panda Global Protection 2009 and Panda Antiviru Download PandaLabs Reports Free AVG virus removel tools Hunting Down Spyware and Adware Adware and spyware, knowing the basics Adware Spyware Remover from CBAdvance Keeping Your Computer in Good Condition Using Free Spyware A Beware of Covert Online Spies Why the Need to Remove Adware and Spyware