Antivirus experts recommend updating signatures and other mitigations to protect against a Trojan that uses a seemingly safe password-protected zip file to deliver its payload.
Experts haven't agreed on a name and variously call it Troj/Tofger.A, MultiDropper.GP.A, TrojanDropper.JS.Mimail.B and Trojan.Sefex. It logs keystrokes and sends them to a remote location on an active Internet connection. It runs automatically when Windows starts by modifying the system.exe file, registry entries and other settings.
The Trojan arrives via e-mail with a blank subject and a password-protected MyProfile.zip attachment, with the password included in the message body. The zip attachment
While this Trojan doesn't self-replicate, it propagates through e-mail, IRC, peer-to-peer sharing and other delivery methods. To mitigate the problem, change compromised passwords, edit the target registry entry or delete Windows files. You can also disable HTML e-mail, either filtering at the perimeter or at the client.
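A perimeter or client-side filter can flag this delivery pattern without opening the archive, because the ZIP central directory marks encrypted entries with general-purpose flag bit 0. The sketch below is an added example, not code from the original article; the function names, the body keyword heuristic and the sample message are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ENCRYPTED = 0x1  # ZIP general-purpose flag bit 0: entry is encrypted


def zip_is_encrypted(data: bytes) -> bool:
    """True if any entry in the archive has the encryption flag set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & ENCRYPTED for info in zf.infolist())
    except zipfile.BadZipFile:
        return False


def score_message(raw: bytes) -> list[str]:
    """Return the reasons a message matches the delivery pattern described above."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    if not (msg["Subject"] or "").strip():  # missing and blank are treated alike
        reasons.append("blank subject")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip") and zip_is_encrypted(part.get_payload(decode=True)):
            reasons.append(f"encrypted zip: {name}")
    body = msg.get_body(preferencelist=("plain", "html"))
    # Heuristic (assumption): the body hands the recipient the archive password.
    if body and re.search(r"\bpass(word)?\b", body.get_content(), re.I):
        reasons.append("password mentioned in body")
    return reasons


def constructed_sample() -> bytes:
    """Constructed message: a harmless zip with the encryption flag patched on."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "placeholder")
    z = bytearray(buf.getvalue())
    z[z.find(b"PK\x01\x02") + 8] |= ENCRYPTED  # flag field of the central-directory header
    msg = EmailMessage()  # no Subject header is set, so it parses as blank
    msg.set_content("The password is 12345")
    msg.add_attachment(bytes(z), maintype="application", subtype="zip",
                       filename="MyProfile.zip")
    return msg.as_bytes()
```

A message that returns all three reasons is a candidate for quarantine; an encrypted zip on its own is common in legitimate mail and is better treated as a signal than as a verdict.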