
Theals

Posted: March 28, 2006

Theals is a dangerous multifunctional Internet worm that distributes itself by e-mail and infects networked PCs running the Windows operating system with unpatched security vulnerabilities. It arrives in malicious e-mail messages with attached password-protected archives containing the worm. A typical message includes an image with a password, which is required to open the archive. Once the user unpacks the archive, Theals secretly installs itself on the computer. It then searches for running Microsoft Outlook, Microsoft Outlook Express and The Bat! mail applications. If the worm finds them, it starts its mass-mailing propagation function.

Theals is designed to steal sensitive user data and money. It collects information about the computer and steals confidential account details and files of installed WebMoney software, which is used to conduct real-time money transactions. Gathered data is sent to a predetermined e-mail address or transferred to a particular remote host.

Theals also performs DDoS attacks against popular antivirus sites and blocks access to numerous PC security and other reputable Internet resources. The worm is able to hide its active processes, related files and registry keys and therefore stays totally invisible. Theals automatically runs on every Windows startup.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 stealth.dcom.exe
    2 stealth.ddos.exe
    3 stealth.exe
    4 stealth.injector.exe
    5 stealth.shared.dll
    6 stealth.stat.exe
    7 stealth.wm.exe
    8 stealth.worm.exe

Registry Modifications

  • The following Registry values were created:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stealth.dcom.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stealth.ddos.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stealth.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stealth.injector.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stealth.stat.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\stealth.wm.exe
