Trojan.Agent.AJJX

tag:Trojan Agent

When run, this malware will try to remove the following registry keys:
HKLM\Software\Microsoft\CurrentVersion\ShellServiceObjectDelayLoad\
Name = JavaView
HKLM\Software\Microsoft\CurrentVersion\ShellServiceObjectDelayLoad\
Name = DesktopWin
These keys were set by a previous version of this malware in order to load one of its components at every system startup.
Then, it will check if it is already installed in the system by searching for a mutex named __DL_CORE4GAEX_MUTEX__. If found it will drop a file named unixxx.bat used to delete itself. Otherwise, it will drop a file named msgmr.dll in %ProgramFiles%\Messenger folder (if the folder doesn Please let BitDefender disinfect your files.

The presence of a file named msgmr.dll in %ProgramFiles%\Messenger\ folder and another file named Framdee.ttf in %WINDOWS%\Fonts\ folder.

previous:Trojan.Agent.AAQK
previous:Backdoor.Hupigon

Virus Source from:

New articles

TROJ_ARTIEF.SMThis Trojan exploits the RTF Stack Overflow vulnerability to drop and execute TROJ_INJECT.ART. This Trojan may be unknowingly downloaded by a user while visi...ANDROIDOS_GEINIMI.AThis backdoor may be unknowingly downloaded by a user while visiting malicious websites. Backdoor Routine This backdoor executes the following commands from...P2P-Worm.Win32.BlackControl.gThe malicious program intercepts the user’s requests to various sites and redirects them to a malicious URL. It also contains a tool for sending phishin...Backdoor.Win32.Bredolab.euaA malicious program that receives commands from a management server to download other malware to a computer. To ensure that it is launched automatically when t...Backdoor.Farfli.ABCommonly it commes as an installer so it can drop several files, detected by Bitdefender as adware (Adware.Cinmus) or tojan-downloaders.It modifies the memory o...

Hot Articles

Trojan.Agent.AJJX

Computer Virus Clounds