Troj/BagleDl-BK

Category: Viruses and Spyware Protection available since:20 Feb 2006 00:00:00 (GMT)
Type: Trojan Last Updated:20 Feb 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/BagleDl-BK is a Trojan for the Windows platform.

Troj/BagleDl-BK attempts to remove services, processes, files and registry entries associated with anti-virus and security software.

Troj/BagleDl-BK attempts to download and install a file from several remote sites. Troj/BagleDl-BK is a Trojan for the Windows platform.

Troj/BagleDl-BK attempts to remove services, processes, files and registry entries associated with anti-virus and security software.

When run, Troj/BagleDl-BK copies itself to the Windows system folder as sysformat.exe and creates the following registry entry in order to run each time a user logs on:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
sysformat
"<Windows system>\sysformat.exe"

The following registry entries may also be set:

HKCU\Software\Microsoft\Params
FirstRun
dword:00000001

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess
Start
dword:00000004

Troj/BagleDl-BK attempts to download and install a file from several remote sites.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy