TROJ_CUTWAIL.SMQ
Windows 2000, XP, Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites.
It connects to a website to send and receive information.
TECHNICAL DETAILS
26,181 bytes
PE
Yes
05 Aug 2010
Connects to a website to send and receive information
Arrival Details
This Trojan may be dropped by other malware.
It may be unknowingly downloaded by a user while visiting malicious websites.
Installation
This Trojan stays memory-resident by injecting codes into the following processes:
- SVCHOST.EXE
Backdoor Routine
This Trojan connects to the following websites to send and receive information:
- host{BLOCKED}ficrack.com
SOLUTION
8.900
7.365.00
05 Aug 2010
8/5/2010 12:00:00 AM
Step 1
For Windows XP and Windows Server 2003 users, before doing any scans, please make sure you disable System Restore to allow full scanning of your computer.
Step 2
Scan your computer with your Trend Micro product and note files detected as TROJ_CUTWAIL.SMQ
Step 3
Restart in Safe Mode
Step 4
Search and delete the file detected as TROJ_CUTWAIL.SMQ
Did this description help? Tell us how we did.