Hello,
unfortunately I found on one of my machines the attached virus.

It would be nice if someone could take a look into this and tell me what exactly it does. As far as I found out this is some sort of keylogger.
Any help is much appreciated.

If things are included, such as where the logs will be send to etc., it would be appreciated too.

Password to extract is:


Note that you have to change the extension inside the rar-archive from VIRUS to exe.

Regards,

It's a keylogger.. It create a file with all keys into AppData user folder, and then send the file via FTP to remote server (hard coded in the file, with user/password of server)..
You can read the code using Reflector.NET (the trojan was written in VB.NET)

Have forgotten about replying here. Thanks again cod for your help.