扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条
This Trojan program is designed to steal user passwords. It is a Windows PE EXE file. The file is 23,040 bytes in size. It is written in Visual Basic. Payload
The Trojan will steal passwords to modem connections. The Trojan sends the harvested passwords by email to the remote malicious user's at:
**chno@mail.ru
The Trojan also creates the following registry key, and save its configuration to this key:
[HKCU\Software\VB and VBA Program Settings\THDetect]
The Trojan also displays the following message:
Removal instructions
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
Use Task Manager to terminate the Trojan process.
Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
Delete the following parameters from the system registry (see What is a system registry and how do I use it for details on how to edit the registry):
[HKCU\Software\VB and VBA Program Settings\THDetect]
本文来自: 脚本之家(www.jb51.net) 详细出处参考:http://www.jb51.net/article/10114.htm
如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。