Hot Articles

Trojan-PSW.Win32.Coced.215

tag:Password-stealing   Trojans  

The Trojan changes the values of the following system registry keys:

[HKCU\Software\Mirabilis\ICQ\Agent\Apps\ICQ]
"Enable" = "yes"
"Path" = "

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

  1. Use Task Manager to terminate the Trojan process.
  2. Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
  3. Delete the following system registry key parameters:

    [HKCU\Software\Mirabilis\ICQ\Agent\Apps\ICQ]
    "Enable"="yes"
    "Path"="

    This Trojan steals user passwords. It is designed to steal a range of confidential information. It is a Windows PE EXE file. It is 10,240 bytes in size. It is written in Visual C .

    Installation

    Once launched, the Trojan copies its executable file to the Windows system directory: 

    %System%\msdll32.exe
    Payload

©Virus-Encyclopedia.com All Rights Reserved.