Troj/Agent-BIW

Category: Viruses and Spyware Protection available since:01 May 2006 00:00:00 (GMT)
Type: Trojan Last Updated:01 May 2006 00:00:00 (GMT)
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-BIW is a backdoor Trojan which allows a remote intruder to gain
access and control over the computer.

When Troj/Agent-BIW is installed it creates the file <System>\dcom_16.dll.

The following registry entries are created to run code exported by the Trojan
libraries on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
SharedTaskScheduler
(2C1CD3D7-86AC-4068-93BC-A02304BB8C34)
DCOM Server

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\
ShellServiceObjectDelayLoad
DCOM Server
(2C1CD3D7-86AC-4068-93BC-A02304BB8C34)

The file dcom_16.dll is registered as a COM object, creating registry entries
under:

HKCR\CLSID\(2C1CD3D7-86AC-4068-93BC-A02304BB8C34)

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy