Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It saves the data for accessing an instant messaging service from affected computers.
|Detection updated on:||Feb. 26, 2003|
Egrof is a Trojan that saves the access data of the users of the America On Line (AOL) instant messaging service in a file. The data it obtains is the user name and password.
An attacker could use this information to access the connection accounts of affected users.
Egrof uses various means to spread: e-mail messages with an infected document, computer networks, CD-ROMs, Internet downloads, FTP, floppy disks, etc.
Egrof is very easy to recognize, as it simulates a connection to the America On Line (AOL) instant messaging service. However, it returns the following error message:
The process it follows is:
When the file carrying the Trojan is run, Egrof displays the following message:
When the user enters a user name and password and clicks on the Sign on button, Egrof displays two screens that simulate a connection being established and the user data being checked, the first of which is the following:
Finally, it displays the error message indicated above.