Trojan-Spy.Win32.Montp.p

tag:Trojan   Spy  

The Trojan loads itself to all processes which have been launched in the system. It then

intercepts the following system functions:

NtQueryDirectoryFile
NtQuerySystemInformation

It does this in order to hide the files shown below on the hard disk:

qttask.exe
odbcct32.dll
perfc053.dat

and to exclude the following process

qttask.exe

from the list of system processes.

The Trojan also hooks the following API functions:

HttpSendRequest InternetCrackUrl

which it uses to track sites visited by the user and information transmitted.

Harvested data is saved to the following log file:

%WinDir%\KB873841.log

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

  1. Use Task Manager to terminate the malicious program

    This Trojan tracks the user's Internet activity. It is a Windows PE EXE file. It is 155648 bytes in size.

    Payload

©Virus-Encyclopedia.com All Rights Reserved.