Know Your Malware: Elburro Removal


Elburro is a backdoor that provides the attacker with unauthorized remote access to a compromised computer. The intruder can download and execute arbitrary files, alter system configuration, retrieve system information, collect e-mail addresses and send letters to specified recipients. Elburro can close some opened folders, terminate running security-related tools and system utilities like the Registry Editor. It also is able to bypass Windows Firewall. Elburro afects mostly computers running Spanish version of Microsoft Windows. The trojan automatically runs on every OS startup.

Related files: msappts32.exe

Elburro properties:
Allows remote user connection
Connects itself to the internet
Hides from the user
Stays resident in background Remove Elburro, removal instructions

Linked by shanmuga Monday, 14th November 2005 11:55AM