Troj/Agent-ECR

Category:	Viruses and Spyware	Protection available since:	22 Feb 2007 00:00:00 (GMT)
Type:	Trojan	Last Updated:	22 Feb 2007 00:00:00 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-ECR is a Trojan for the Windows platform.

When Troj/Agent-ECR is installed the following files are created:

<Windows>\AppPatch\dldlgs.dll (Detected as Troj/Dloadr-ATV)
<Windows>\AppPatch\msimain.dll (Detected as Troj/Dropper-NP)
<System>\drivers\ksm.sys (Detected as Troj/Rootkit-BE)
<System>\drivers\soundwav.sys (Detected as Troj/Rootkit-BF)
<System>\unxxx.bat (Can be safely removed)

The following registry entry is created to run code exported by (DADE1910-86AA-D04E-4B87-28B92A3D4E99) on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
DLMonF
(DADE1910-86AA-D04E-4B87-28B92A3D4E99)

The file msimain.dll is registered as a COM object, creating registry entries under:

HKCR\CLSID\DADE1910-86AA-D04E-4B87-28B92A3D4E99

Try Sophos products for free
Download now

Troj/Agent-ECR

Free Mac Anti-Virus

Popular topics