Troj_Artief.E is a Trojan that arrives as attachment to email messages spammed by another malware or a malicious user. The email message contains either an .RTF or a .DOC file containing an embedded .EXE file.

This Trojan then drops several files. It executes a dropped file, and injects a .DLL file into an IEXPLORE.EXE process.

This Trojan creates certain registry entries to enable its automatic execution at every system startup. It then registers itself as a Browser Helper Object (BHO) to ensure its automatic execution every time Internet Explorer is run.


It connects to a URL to download possibly malicious files or an update itself. As a result, malicious routines of the downloaded files are exhibited on the affected system.

Technical details can be found at this Trend Micro page.