Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 


MIMAIL.P DOWNLOADER TROJAN SPAMMED

Virus Name  : Downloader-GN

Alias             : TrojanDownloader.Win32.Small.cz, TrojanDownloader.Win32.Mimail, Troj/Mmdload-A, Downloader.Mimail.B

Virus type    : Trojan

Threat level : Low

Virus details :

                     Downloader-GN attempts to download Internet worm Mimail.P variant in the infected system. The trojan attachment name will be "paypal.zip" and it is spammed via e-mail. The infected mail sample is given below.

From: do_not_reply@paypal.com 
Subject: PAYPAL.COM NEW YEAR OFFER

** GREAT NEW YEAR OFFER FROM PAYPAL.COM **

Dear PayPal.com Member,

We here at PayPal.com are pleased to announce that we have a special New Year offer for you! If you currently have an account with PayPal then you will be eligible to receive a terrific prize from PayPal.com for the New Year. For a limited time only PayPal is offering to add 10 percent of the total balance in your PayPal account to your account and all you have to do is register yourself within the next five business days with our application (see attachment)! 

If at this time you do not have a PayPal account of your own you can also register yourself with our secure application and get this great New Year bonus! If you fill out the secure form we have provided PayPal will create an account for you (it's free) and you will receive a confirmation e-mail that your account has been created. 

That's not all! If you resend this letter (with its attachment) to all of your friends you may be eligible to receive another New Year bonus because the 1000 PayPal members that send the most of these to their friends will get the bonus. If you are one of these 1000 lucky members then PayPal will add 17 percent of your total balance to your account! 

Registration is simple. Just unpack the attachment with WinZip, run the application, and follow the instructions we have provided. If you have problems opening the application then you may want to try downloading a free version of WinZip from http://www.winzip.com 

Do not miss your chance at this fantastic opportunity! Thousands of our current customers have already received their prizes and now it's your turn; so hurry up and take advantage of this special offer! 

Best of luck in the New Year,
PayPal.com Team 

                     When the trojan file paypal.exe is executed, it downloads the file ppapp.bin from a predefined Russian siteaquarium-fish.ru. It stores the downloaded file at c:\tmp.exe and executes it. tmp.exe is a copy of Mimail.P worm and it tries to steal credit card and personal information from the infected user.

How can I protect my system?

                   Solo has incorporated Downloader-GN trojan aka TrojanDownloader.Win32.edn in its signature file to protect users from this trojan attack. Solo antivirus registered users are already protected from this trojan. Make sure that you have installed registered version of Solo Antivirus to protect your system from all virus threats.

How to remove this Worm?

                   If you are already infected with this trojan, you can remove it from your computer using Solo Antivirus software. Use the following link to Download 30 day trial version of Solo antivirus to remove viruses from your computer.

                   Solo anti-virus not only scans for all viruses, it contains a unique System Integrity Checker to protect you from New Internet Worms, Backdoors and malicious VB, Java Scripts. It also effectively removes all existing Internet Worms, File viruses, malicious VB, Java scripts, Trojans, Backdoors, boot sector, partition table and macro viruses.

You can purchase Solo antivirus using the link