Troj/Agent-LRX

Category: Viruses and Spyware Protection available since:04 Nov 2009 18:40:55 (GMT)
Type: Trojan Last Updated:04 Nov 2009 18:40:55 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-LRX exhibits the following characteristics:

Other vendor detection

Avira
TR/Dldr.Tracur.J.3
Kaspersky
Trojan.Win32.BHO.ahpm

Runtime Analysis

Registry Keys Created
  • HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    6e 0c f6 3b f9 fc 9b 46 a6 b2 dc 0b 83 1b ff 59
  • HKCU\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    6e 0c f6 3b f9 fc 9b 46 a6 b2 dc 0b 83 1b ff 59
  • HKCR\CLSID\{3BF60C6E-FCF9-469B-A6B2-DC0B831BFF59}\InprocServer32
    (Default)
    c:\test_item.dll
  • HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    6e 0c f6 3b f9 fc 9b 46 a6 b2 dc 0b 83 1b ff 59
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    6e 0c f6 3b f9 fc 9b 46 a6 b2 dc 0b 83 1b ff 59
  • HKCR\.fsharproj\PersistentHandler
    (Default)
    {e6249562-15ae-46f3-a88e-47d6b4af71e2}
  • HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    6e 0c f6 3b f9 fc 9b 46 a6 b2 dc 0b 83 1b ff 59
HTTP Requests
  • http://69.31.80.182/f/
IP Connections
  • 69.31.80.182:80

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy