Troj/Agent-BXQ

Category: Viruses and Spyware Protection available since:08 Jun 2006 00:00:00 (GMT)
Type: Trojan Last Updated:08 Jun 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-BXQ is a downloading Trojan for the Windows platform.

The Trojan creates the following files in the Windows system folder:

pyjjkdll.dll
PYJJKIME.exe
pyjjkq.bak
pyjjkq.dll

PYJJKIME.exe and pyjjkq.bak are copies of the Trojan executable, and pyjjkdll.dll and pyjkkq.dll are also detected as Troj/Agent-BXQ.

The Trojan creates the following registry entries in order to run itself automatically on startup:

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
DhcpCep
<system>\PYJJKIME.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PYJJIME
<system>\PYJJKIME.exe

Troj/Agent-BXQ downloads a file from a preconfigured URL to <system>\AppEventTmp.exe and executes it in the background.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy