Active Scan. Scan gratis uw PC
Download Cloud Antivirus Gratis


Welkom bij de virusencyclopedie van Panda Security.


Threat LevelLow threatDamageHighDistributionNot widespread
Common name:Sinowal.WVM
Technical name:Trj/Sinowal.WVM
Threat level:Medium

It reaches the computer via Facebook in a message that seems to have been sent by a friend and that contains the link to a photo. Besides stealing the users' login data to Facebook, it also designed to steal other type of confidential information from the computer and the user.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Feb. 8, 2010
Detection updated on:Feb. 22, 2010

Brief Description 


Sinowal.WVM is a Trojan which is distributed via Facebook in messages that contain a link to see a photo.

If users follow the link, they will be redirected to different websites. In one of them, they will be required to login to Facebook again, and then they will be redirected to another website from which the Trojan will be downloaded disguised as an update of Adobe Flash Player.

Once installed, Sinowal.WVM is designed to steal confidential information about the computer and the user. Additionally, it had previously obtained the login data to Facebook.

Visible Symptoms 


Sinowal.WVM is easy to recognize, as it is distributed via Facebook in a message like the following, which seems to have sent by a friend and which contains a link to see a photo:

Message sent via Facebook