x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Egrof

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Egrof
Technical name:Trj/AOLPS.Egrof
Threat level:Low
Type:Trojan
Effects:  It saves the data for accessing an instant messaging service from affected computers.

Affected platforms:

Windows ME/98/95

Detection updated on:Feb. 26, 2003
StatisticsNo

Brief Description 

    

Egrof is a Trojan that saves the access data of the users of the America On Line (AOL) instant messaging service in a file. The data it obtains is the user name and password.

An attacker could use this information to access the connection accounts of affected users.

Egrof uses various means to spread: e-mail messages with an infected document, computer networks, CD-ROMs, Internet downloads, FTP, floppy disks, etc.

Visible Symptoms 

    

Egrof is very easy to recognize, as it simulates a connection to the America On Line (AOL) instant messaging service. However, it returns the following error message:

The process it follows is:

When the file carrying the Trojan is run, Egrof displays the following message:

When the user enters a user name and password and clicks on the Sign on button, Egrof displays two screens that simulate a connection being established and the user data being checked, the first of which is the following:

Finally, it displays the error message indicated above.