Troj/Agent-GZK

Category:	Viruses and Spyware	Protection available since:	06 Jun 2008 08:17:05 (GMT)
Type:	Trojan	Last Updated:	06 Jun 2008 08:17:05 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Summary
More information

Troj/Agent-GZK attempts to edit websites to promote a target website.

Troj/Agent-GZK consists of three components:

<System>\jdk-1_5_0_19-windows-i391-pp\jav.bat
<System>\jdk-1_5_0_19-windows-i391-pp\js.exe
<System>\jdk-1_5_0_19-windows-i391-pp\dc.class

The files js.exe and dc.class are both detected as Troj/Agent-GZK.

Troj/Agent-GZK installs itself in the registry so it autoruns at startup with the following registry entries:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
"Java (VM) v6.9"
"C:\WINDOWS\System32\jdk-1_5_0_19-windows-i391-pp\jav.bat"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
"Java (VM) v6.9"
"C:\WINDOWS\System32\jdk-1_5_0_19-windows-i391-pp\jav.bat"

Try Sophos products for free
Download now

Troj/Agent-GZK

Free Mac Anti-Virus

Popular topics