Aliases
TrojanSpy.Win32.Tofger.y, Trojan.Etsur
Type
Trojan
Description
Troj/Tofger-R is a password stealing Trojan.
The Trojan logs keystrokes and confidential information and then attempts to email this data to a remote location.
When the installation executable is run, the files svchost.exe, inites.ini and wmsro32.dll are dropped to the Windows folder and svchost.exe is run.
The following registry entry is created, so that svchost.exe is run automatically each time Windows is started:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows Startup
= <WINDOWS>\svchost.exe
Wmsro32.dll is a simple keylogger DLL and inites.ini is a harmless text file.
The Trojan periodically attempts to download an executable from a remote location to the System folder as surte.exe and then run it.
http://www.sophos.com/virusinfo/analyses/trojtofgerr.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic