Home Malware Programs Trojans Trojan.PSW.XYOnline.pb

Trojan.PSW.XYOnline.pb

Posted: February 14, 2011

The Trojan.PSW.XYOnline.pb Trojan will try to infect computers while not giving itself away with obvious indicators of its presence. Trojans such as Trojan.PSW.XYOnline.pb are capable of many different hostile actions, including stealing passwords, disabling security such as firewalls, and crashing processes necessary for Windows to run properly. To remove Trojan.PSW.XYOnline.pb, you should have access to access to verified and reputable security scanning tools, and be comfortable using Safe Mode and the Task Manager.

Not Getting Caught by Trojan.PSW.XYOnline.pb

Evasion of Trojan.PSW.XYOnline.pb is the most effective strategy for keeping your computer safe, since then you needn't worry about undoing any of the damage Trojan.PSW.XYOnline.pb might cause. Some reports indicate that Russian file sources are more likely to carry this Trojan; staying away from or being particularly careful to scan such files can help to prevent Trojan.PSW.XYOnline.pb from sneaking aboard.

There are some indications that Trojan.PSW.XYOnline.pb may be as old as 2010, but sparsity of information on the Trojan suggests that it may be even more recent than that. Security software should be kept continually running to prevent this infection from getting any headway, but software that isn't updated too often may not be able to notice Trojan.PSW.XYOnline.pb. Checking for updates on at least a weekly basis, or updating whenever available will almost guarantee your computer's safety from Trojan.PSW.XYOnline.pb if you're using high-quality anti-malware products.

Handling Your Hard Drive's Impairment

By not deleting Trojan.PSW.XYOnline.pb immediately, it may cause a broad range of issues with your system. Many of these problems may be worsened by Trojan.PSW.XYOnline.pb downloading other malware that will duplicate the damage or cause worse effects. Major issues that may be caused by Trojan.PSW.XYOnline.pb directly include but aren't limited to:

  • Drastically low system resources. RAM and hard drive space are sometimes targeted by Trojan.PSW.XYOnline.pb and other Trojans even if they don't necessarily require these things for their other, equally malicious purposes.
  • Mitigated or removed security settings. Some sources report Trojan.PSW.XYOnline.pb specifically disabling a user's firewall. This leaves the infected computer vulnerable to attack by virtually any hacker or automated malware that so much as looks in the system's general direction.
  • Keylogging and other sypware activites. This behavior is most dangerous when there are few other obvious symptoms, since the user has little cause to panic right away and may go about using the computer as normal. Using a keylogged computer can result in the loss of account passwords, identity information, and other sensitive data that will allow criminals to defraud you or steal your identity.

Although concrete details on many of its functions are still being gathered, the overall risk level of Trojan.PSW.XYOnline.pb has been judged to be high by various security sources. Remove Trojan.PSW.XYOnline.pb right away even if Trojan.PSW.XYOnline.pb is not immediately making your computer harder to use, as this Trojan can do substantial harm when left alone.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %appdata%\microsoft\internet explorer\quick launch\Trojan.PSW.XYOnline.pb.lnk
    2 %commonprograms%\Trojan.PSW.XYOnline.pb\about.lnk
    3 %commonprograms%\Trojan.PSW.XYOnline.pb\activate.lnk
    4 %commonprograms%\Trojan.PSW.XYOnline.pb\buy.lnk
    5 %commonprograms%\Trojan.PSW.XYOnline.pb\scan.lnk
    6 %commonprograms%\Trojan.PSW.XYOnline.pb\settings.lnk
    7 %commonprograms%\Trojan.PSW.XYOnline.pb\Trojan.PSW.XYOnline.pb support.lnk
    8 %commonprograms%\Trojan.PSW.XYOnline.pb\Trojan.PSW.XYOnline.pb.lnk
    9 %commonprograms%\Trojan.PSW.XYOnline.pb\update.lnk
    10 %desktop%\Trojan.PSW.XYOnline.pb support.lnk
    11 %desktop%\Trojan.PSW.XYOnline.pb.lnk
    12 %programfiles\Trojan.PSW.XYOnline.pb\about.ico
    13 %programfiles\Trojan.PSW.XYOnline.pb\activate.ico
    14 %programfiles\Trojan.PSW.XYOnline.pb\buy.ico
    15 %programfiles\Trojan.PSW.XYOnline.pb\def.db
    16 %programfiles\Trojan.PSW.XYOnline.pb\defcnt.exe
    17 %programfiles\Trojan.PSW.XYOnline.pb\defext.dll
    18 %programfiles\Trojan.PSW.XYOnline.pb\defhook.dll
    19 %programfiles\Trojan.PSW.XYOnline.pb\help.ico
    20 %programfiles\Trojan.PSW.XYOnline.pb\scan.ico
    21 %programfiles\Trojan.PSW.XYOnline.pb\settings.ico
    22 %programfiles\Trojan.PSW.XYOnline.pb\splash.mp3
    23 %programfiles\Trojan.PSW.XYOnline.pb\uninstall.exe
    24 %programfiles\Trojan.PSW.XYOnline.pb\update.ico
    25 %programfiles\Trojan.PSW.XYOnline.pb\virus.mp3

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKCU\Software\Microsoft\Windows\CurrentVersion\Run “Trojan.PSW.XYOnline.pb”HKLM\SOFTWARE\Trojan.PSW.XYOnline.pbHKEY..\..\..\..{RegistryKeys}HKCR\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Trojan.PSW.XYOnline.pb
Loading...