Trojan.Agent.AAQK

tag:Trojan Agent

The malware copies itself to
C:\Documents and Settings\\local settings\temp under the name
__a00[some-hexa-digits].exe

and adds the following registry key:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\A00[some-hexa-digits].exe
C:\Documents and Settings\\Local Settings\Temp\__a00[some-hexa-digits].exe

Aftewards, the trojan will drop a .dll file (in the directory from where it was run) under its original file name and extension followed by .dat. It will load this dll and will execute it Please let BitDefender delete the infected files.

A file named __a00[some-hexa-digits].exe in C:\Documents and Settings\\local settings\temp having a dimension of 40KB.

One or more files named __c00[five-hexa-digits].dat in the system directory (c:\windows\system32) with a size of 24,5KB (25088 Bytes)

The presence of a mutex named vmc_mm.

previous:Trojan.Agent.AY
previous:Trojan.Agent.AJJX

Virus Source from:

New articles

TROJ_ARTIEF.SMThis Trojan exploits the RTF Stack Overflow vulnerability to drop and execute TROJ_INJECT.ART. This Trojan may be unknowingly downloaded by a user while visi...ANDROIDOS_GEINIMI.AThis backdoor may be unknowingly downloaded by a user while visiting malicious websites. Backdoor Routine This backdoor executes the following commands from...P2P-Worm.Win32.BlackControl.gThe malicious program intercepts the user’s requests to various sites and redirects them to a malicious URL. It also contains a tool for sending phishin...Backdoor.Win32.Bredolab.euaA malicious program that receives commands from a management server to download other malware to a computer. To ensure that it is launched automatically when t...Backdoor.Farfli.ABCommonly it commes as an installer so it can drop several files, detected by Bitdefender as adware (Adware.Cinmus) or tojan-downloaders.It modifies the memory o...

Hot Articles

Trojan.Agent.AAQK

Computer Virus Clounds