Threat Information for "Trojan.PWS.Lineage"

Removal Top

StopSign will automatically remove this infection with a paid membership.

Summary Top
  • Name: Trojan.PWS.Lineage
  • Aliases:
  • Date Discovered: 2006-10-06
  • Protection Added: 2006-10-10
Description Top 
-- Ease of Removal

1: Uses running processes
2: Consistently named
3: Consistent file contents
4: Creates new registry entries with consistent data

-- Privacy Risks/Security Changes

1: Mimics legitimate file names
2: Harvests personal data
3: Captures financial information
4: Transmits personal data to remote computers
5: Harvests saved passwords

-- Damage/Intrusion/Annoyance

1: Creates new files

-- Propagation/Saturation

1: Infects from an email attachment
2: Infects from a link in an email
3: Spreads through Peer-2-Peer software
4: Installed by other infections
Technical Details Top
  • Added Directory/File:
    FilePath: %USERLOCALSETTINGS%\temp\t?.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\*.* MD5: EFC8E67876B38216E8D457FA2DCC9BCB
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\explorer.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\*.* MD5: 1D4D5F9111E129713B16C0D11D889874
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\*.* MD5: e9a3741d330b40aca1c6282c55bd6aee