Picture.exe

A new email attachment is carrying a nasty Trojan horse program that collects AOL usernames, passwords, and web browser history files. The data is then transmitted to an email address in China.  The Trojan horse program is named   "picture.exe."

A Trojan horse is a program that works in a way that the user does not expect it to.    It differs from a virus in that it does not replicate itself.

This Trojan horse, which Network Associates (McAfee) has dubbed "URLsnoop," adds a file called  "note.exe" or "picture.exe" to the run line of the "win.ini" file of the Windows subdirectory.   The program is then executed the next time Windows is started.

The program than does three nasty operations:

1) it makes a list of all .txt and .html files on the affected hard drive
2) collects all the URLs stored in the Internet web browser's cache
3) steals the username and password of the AOL program, if installed.

The collected information is then encrypted and transmitted to a Chinese email address.

Don't execute programs you receive as email attachments unless you're expecting the file and you know the sender.