Troj/Agent-HEM

Category:	Viruses and Spyware	Protection available since:	04 Jul 2008 16:04:24 (GMT)
Type:	Trojan	Last Updated:	04 Jul 2008 16:04:24 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Summary
More information

Troj/Agent-HEM is a Trojan for the Windows platform.

Troj/Agent-HEM includes functionality to access the internet and communicate with a remote server via HTTP.

When Troj/Agent-HEM is installed the following files are created:

<System>\<random>.exe
<System>\<random>.dll
<System>\<random>

The following registry entries are created to run code exported by <random>.dll on startup:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<random>
Startup
<random>

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<random>
DLLName
<random>.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<random>
Impersonate
0

Try Sophos products for free
Download now

Troj/Agent-HEM

Free Mac Anti-Virus

Popular topics