Troj/Agent-HFD

Category:	Viruses and Spyware	Protection available since:	09 Jul 2008 15:17:46 (GMT)
Type:	Trojan	Last Updated:	09 Jul 2008 15:17:46 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-HFD is a Trojan for the Windows platform.

Troj/Agent-HFD includes functionality to access the internet and communicate with a remote server via HTTP.

When Troj/Agent-HFD is installed it creates the file <System>\univrs32.dat.

The file univrs32.dat is detected as Troj/Agent-GPD.

Troj/Agent-HFD changes settings for Microsoft Internet Explorer, including search settings, by modifying values under:

HKCU\Software\Microsoft\Internet Explorer\Main\Search Bar
HKCU\Software\Microsoft\Internet Explorer\Main\Search Page
HKCU\Software\Microsoft\Internet Explorer\Main\Start Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\

The following registry entries are set, affecting internet security:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1208
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
2500
3

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
1208
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
2500
3

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1208
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
2500
3

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
1208
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
2500
3

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1208
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
2500
3

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1201
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1804
1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
1201
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1201
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1804
1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
1201
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1200
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1201
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1608
0

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1804
1

The following registry entry is set:

HKCU\Software\Microsoft\Internet Explorer\Main
Enable Browser Extensions
yes

Try Sophos products for free
Download now

Troj/Agent-HFD

Free Mac Anti-Virus

Popular topics