Troj/Agent-HAH

Category:	Viruses and Spyware	Protection available since:	25 May 2008 13:28:42 (GMT)
Type:	Trojan	Last Updated:	25 May 2008 13:28:42 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-HAH exhibits the following characteristics:

Other vendor detection

Avira: TR/Dropper.Gen
Kaspersky: Trojan.Win32.Pakes.cyu
Trend: TROJ_QUESEE.A

Runtime Analysis

Dropped Files

C:\WINDOWS\system32\WinNt32.dll
C:\WINDOWS\system32\drivers\Hqw86.sys

Registry Keys Created

HKLM\SYSTEM\CurrentControlSet\Services\Hqw86
ImagePath
System32\Drivers\Hqw86.sys
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinNt32
Impersonate
0x00000000
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Hqw86.sys
(Default)
Driver

Processes Created

c:\windows\system32\cmd.exe

Try Sophos products for free
Download now