Winpao is a Trojan that is programmed to steal information from the computer in which it is run and send it along with the name of the Trojan that has attacked the computer to its author. The information it obtains includes the server name, the e-mail password, mail received, message subjects, the passwords file, the SMTP ID and the user name.
It also looks for processes belonging to antivirus programs or system monitoring tools and ends them.
Winpao does not spread automatically using its own means. It needs the attacking user's intervention in order to reach the affected computer. The means of transmission used include, among others, floppy disks, CD-ROMs, e-mail messages with attached files, Internet downloads, FTP, IRC channels, peer-to-peer (P2P) file sharing networks, etc.>