Monday, December 8, 2008

PWS.Mafia Trojan

Removing PWS.Mafia
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
PWS.Mafia Also known as:

[Kaspersky]Trojan-PSW.Win32.Bumaf.c;
[McAfee]PWS-Mafia;
[Other]Infostealer.Salira
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\winrarshell32.exe
[%WINDOWS%]\backup.exe
[%SYSTEM%]\winrarshell32.exe
[%WINDOWS%]\backup.exe

How to detect PWS.Mafia:

Files:
[%SYSTEM%]\winrarshell32.exe
[%WINDOWS%]\backup.exe
[%SYSTEM%]\winrarshell32.exe
[%WINDOWS%]\backup.exe

Registry Keys:
HKEY_CURRENT_USER\software\bgm

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing PWS.Mafia:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
VBS.Startpage Trojan Symptoms
modchipstore.com Tracking Cookie Cleaner

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)