|
|
Detect and remove hidden rootkits using
UnHackMe
RegRun Security Suite = 24 system utilities for protecting your computer. Try now! |
 chostsv.exe - Useless
Is a Trojan horse that attempts to steal online banking information. Also known as PWSteal.Banpaes, PWSteal.Banpaes.B When PWSteal.Banpaes.C is executed, it performs the following actions: Creates the following files: %System%\Chostsv.exe %System%\Mouse32.dll %System%\Keybrd32.dll %System%\Kuser.dll %System%\Serv.dll C:\Temp\Install.exe (This may not be created if the Temp folder does not exist in this location). Adds the value: "chostsv"="%System%\chostsv.exe" to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Logs keystrokes if the keystrokes are entered in windows that have any of the following strings in the window's title bar: Caixa Economica Federal Internet Banking CAIXA BESC - Banco do Estando de Santa Catarina Banco do Estado de Santa Catarina Gerenciador Financeiro Teclado Virtual HSBC Credicard MasterCard and some other. Then, this Trojan sends the keystrokes to a predefined email address. Manual removal: Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete the value: "chostsv"="%System%\chostsv.exe" Or use RegRun to automatically remove this registry item.
Recommended software: RegRun Security Suite - removal and protection. http://www.regrun.com RegRun Reanimator - free removal tool. greatis.com/reanimator
What is hidden in MSDN? Why software developers prefer Win32.FreeTechSecrets.com? All Unix Manuals in Alphabetical Order C# controls for .NET in 3 simple steps. Constantly updated. Last update: May 12 2008
Interesting information about Vista programs... Need consultation? Would you like to add your opinion?
|
|
