Troj/Lineage-AE is a password stealing Trojan for the online game "Lineage".
Troj/Lineage-AE records keypresses to a data file and can send the data file to a remote user through email or through a TCP connection.
When first run Troj/Lineage-AE copies itself to <Program Files>\svhost32.exe and creates the file <System>\msdll.dll.
The following registry entry is created to run svhost32.exe on startup:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load
<Program Files>\svhost32.exe
http://www.sophos.com/virusinfo/ana...jlineageae.html
=========================================================
我30分鐘中了....
Norton企業版及時防毒居然沒抓到
我也是google找了半天才找到方法處理的
http://www.sophos.com/virusinfo/ana...jlineageae.html