"The backdoor component helps it register itself as a service so as to receive and follow instructions from a command and control center, while the spyware component sends away data about files, operating system, while also making screenshots of the ongoing processes."

Some of the commands Trojan.Spy.YEK is supposed to execute are: sending the collected files using a GET request, sending info regarding the operating system and computer, taking screenshots and sending the results, listing the processes that run on the system and sends them away, finding files with a certain extension.

"Shortly put," the researchers said, "it uploads all the interesting data on a FTP server without the user's consent.

"The fact that it looks for all that it is linked to archives, e-mails (.eml, .dbx), address books (.wab), database and documents (.doc, .odt, .pdf etc) makes Trojan.Spy.YEK a prime suspect of corporate espionage as it seems to target the private data of the companies".

Cosovan and Minea say that the Trojan can run, without problems, on all versions of Windows from Win 95 to Seven.