This trojan The program are designed to steal user passwords. It is a Windows PE EXE file. The file is 23,040 bytes in size. It is written in Visual Basic. Payload
The Trojan would steal passwords to modem connections. The Trojan sends the harvested passwords by email to the remote malicious user ' s at:
**chno@mail.ru
The Trojan also creates the following registry key, and save its configuration to this key:
[Hkcu\software\vb and VBA program Settings\thdetect]
The Trojan also displays the following message:
Removal instructions
If your computer does not have a up-to-date antivirus, or does not have a antivirus solution at all, follow the instruct Ions below to delete the malicious program:
use Task Manager to terminate the Trojan process.
Delete The original Trojan file (the location'll depend on how the program originally penetrated the victim) .
delete the following parameters from the system registry ( what is a system registry and how do i use it for details on how to edit the registry):
[HKCU\Software\VB and vba program settings\thdetect]