Welcome to the Virus Encyclopedia of Panda Security.
It logs the keystrokes entered by the user, blocks web addresses and stores the certificates used in the affected computer. Then it sends the data it has gathered. It is downloaded by the Trojan Downloader.FHO.>
|First detected on:||Oct. 6, 2005|
|Detection updated on:||Oct. 7, 2005|
Rivarts.A is a Trojan that logs the keystrokes entered by the user, blocks web addresses and stores the certificates used in the affected computer. Then it connects to several PHP scripts hosted in different websites in order to send the data it has gathered.
Rivarts.A contains its own database in order to store both the information it harvests and its settings. Its author has used the SQLite engine, which is an open source library.
This Trojan is downloaded to the affected computer by another Trojan detected as Downloader.FHO.
Rivarts.A is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.