Troj/Dload-AG is a Trojan for the Windows platform.
Troj/Dload-AG includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/Dload-AG is installed the following files are created:
<User>\Application Data\Microsoft\Network\Downloader\qmgr0.dat
<User>\Application Data\Microsoft\Network\Downloader\qmgr1.dat
<Temp>\bx18dxv.dat
The following registry entry is set, disabling system software:
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
DisableTaskMgr
1
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\VideoPlugin