Aliases: Trojan.Win32.ExitWin.j, ExitWin-E, W32.Winex.A.Trojan, Troj/ExitWin-F, TROJ_WINEX.A
Variants: Win32:Trojan-gen., NewHeur_PE, Trojan.Win32.ExitWin.j, Trojan.ExitWin.j, W32/Smalltroj.FFX

Classification: Malware
Category: Trojan Horse

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 16 Oct 2003
Damage: Low

Characteristics: The W32.Winex.A.Trojan program is a Trojan horse that is identical to VBS.ExitWin. The Trojan is a Delphi program and is packed with UPX. It affects windows operating system such as Windows 95, Windows 2000, Windows Me, Windows 98, Windows Server 2003, Windows NT, and Windows XP

More details about W32.Winex.A.Trojan

W32.Winex.A.Trojan is a malicious parasite that has the ability to paralyze user's activity by means of performing destructive actions. These pests changes many system settings and write itself in the registry to execute it every time the windows start. The user of infected computer could get rid of this effect after starting Windows in a safe mode and eliminating the Trojan manually or with the help of an anti virus program.

The W32.Winex.A.Trojan application creates a backdoor in the system. It opens an unused port to connect to a server specified in its programming. It may also send system information about the infected computer, such as IP address, computer name, and operating system used. RAT software can be used to monitor user’s activities. This can be done by using a keylogging function. Keystrokes can be compiled and sent to a remote server. This can be used to steal whole documents, passwords, and log-in names for online accounts, banking information and personal data. This can cause identity theft and credit card fraud.