||||
Symantec.com > Security Response > Threats and Risks > Spyware.Hotra
PRINT THIS PAGE

Spyware.Hotra

Printer Friendly Page

Updated: February 13, 2007 11:35:37 AM
Type: Spyware
Risk Impact: High
File Names: hotdog.exe, extra.exe, hotdogid.ini, extra_config_url.txt, extra_notify_url.txt, config_url.txt
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP


When Spyware.Hotra is executed, it does the following:
  1. Creates the value:

    "Hotdog"="<path to Spyware.Hotra>"

    in the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

  2. Contacts a Web site to download configuration information. (As of this writing, these Web sites appear to be down.)

  3. After Spyware.Hotra obtains the configuration information, it periodically searches for an Internet Explorer window, from which it steals the current URL and sends it to a remote Web site.


Search by name
Example: W32.Beagle.AG@mm
Limited Time Offers! Save up to 50%
Windows Vista Security
©1995 - 2009 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS