Know your Malware: Hotword.b Removal

Hotword.b, also known as Rona, is a dangerous trojan designed to steal user sensitive information and give the attacker unauthorized remote access to a compromised computer. Once executed, the parasite displays a dialog box prompting the user to enter a password for a ZipLip encrypted document. This dialog box is made to look like a legitimate ZipLip application and hide the trojan's installation process. Then Hotword.b opens a back door. The intruder can use it to log user keystrokes, take screenshots, capture videos, execute commands, download and upload arbitrary files, track user Internet activity, send e-mail messages, alter firewall configuration, steal ICQ account details, etc. Hotword.b can be configured to perform mentioned malicious actions without the attacker's control and interaction. The trojan automatically runs on every Windows startup.

Related files: [X]svchost.exe, login.lnk

Hotword.b properties:
Allows remote user connection
Takes and sends out screenshots of user activity
Sends out logs by FTP or email
Logs keystrokes
Connects itself to the internet
Hides from the user
Stays resident in background Remove Hotword.b, removal instructions

Linked by shanmuga Sunday, 23rd October 2005 8:19AM