This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects activity of Backdoor.Emdivi.
The Trojan may arrive through an email attachment.
When the Trojan is executed, it creates the following files:
Next, the Trojan creates the following file so that it runs every time Windows starts:
%SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\Startup\leassnp.lnk
The Trojan may then perform the following actions:
Connect to remote locations
Open a back door