This Trojan program is designed to steal user passwords. It is a Windows PE EXE file. The file is 23,040 bytes in size. It is written in Visual Basic. Payload
The Trojan will steal passwords to modem connections. The Trojan sends the harvested passwords by email to the remote malicious user's at:
**chno@mail.ru
The Trojan also creates the following registry key, and save its configuration to this key:
[HKCUSoftwareVB and VBA Program SettingsTHDetect]
The Trojan also displays the following message:
Removal instructions If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
Use Task Manager to terminate the Trojan process.
Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
Deletethefollowingparametersfromthesystemregistry(seeWhatisasystemregistryandhowdoIuseitfordetailsonhowtoedittheregistry):
[HKCUSoftwareVBandVBAProgramSettingsTHDetect]
【完美解决 Trojan-PSW.Win32.Mike的方法】相关文章:
★ MSN传播病毒Backdoor.Win32.IRCBot.acd清除方法
★ autorun.inf和sbl.exe之U盘病毒的清除方法
★ 替换ctfmon.exe的下载器window.exe的方法
★ 关于rundl132.exe vidll.dll LOGO1.exe 的清除方法
★ 解决http://16a.us/2.js之arp欺骗的方法附专杀工具
★ recycle.exe(Trojan-Dropper.Win32.VB.rj)病毒的查杀方法