Troj/Dloader-JV is a downloader Trojan.
When run the Trojan copies itself to the Windows system folder as _ntrdlhost.exe and drops a helper component _ntrapi.dll also into the Windows system folder. Troj/Dloader-JV then attempts to download two components into the Windows system folder saving them as _ntried.dll and _ntrrs.exe.
The Trojan will then create the following registry entries so as to auto-start:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
_ntrdlhost
%SYSTEM%\_ntrdlhost.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
_ntrRescueService
%SYSTEM%\_ntrrs.exe
Various information may be logged to %SYSTEM%\temp1.log by the Trojan which will be later sent to a third party via a METHOD POST web request.
_ntrrs.exe is a legitimate remote desktop tool.
_ntried.dll is a non-malicious Browser Helper Object (BHO) and can be deleted.
_ntrapi.dll is detected by Sophos as Troj/Rootkit-T