It accesses the files where the information entered in the web forms is stored in order to obtain confidential information and can gain full access to the affected computer. It does not spread automatically by its own means.

Windows 2003/XP/2000/NT/ME/98/95

Artesimda.A is a Trojan that monitors Internet traffic generated and acceses the files where the data entered in the web forms by the users is stored, in order to obtain confidential data, such as usernames and passwords belonging to banking and email accounts, among others.

Additionally, it gains remote access and full control of the affected computer by creating a Windows user account and by using a Windows service of remote administration.

Artesimda.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, email messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.

Artesimda.A is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.

However, if the welcome screen is activated, it can be recognized as a user called Adminestrator is displayed on the screen: