Troj/Agent-LSE

Category: Viruses and Spyware Protection available since:05 Nov 2009 18:04:28 (GMT)
Type: Trojan Last Updated:05 Nov 2009 18:04:28 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-LSE is a Trojan for the Windows platform.

Troj/Agent-LSE includes functionality to:

- run automatically
- register system drivers
- steal confidential information
- access the internet and communicate with a remote server via HTTP

When Troj/Agent-LSE is installed the following files are created:

<Root>\bin\block_reader.sys
<Root>\bin\C49E8753.exe
<Root>\bin\HookLib.dll

The file C49E8753.exe is registered as a COM object, creating registry entries under:

HKCR\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}

Registry entries are created under:

HKCR\C49E8753.DocHostUIHandler
HKLM\SOFTWARE\Microsoft Media Gallery

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy