Troj/Dloadr-AQG

Category: Viruses and Spyware Protection available since:17 Nov 2006 00:00:00 (GMT)
Type: Trojan Last Updated:04 Dec 2006 00:00:00 (GMT)
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Dloadr-AQG is a Trojan for the Windows platform.

When the Trojan is installed it creates the file <System>\ldcore.dll, which is also detected as Troj/Dloadr-AQG.

Troj/Dloadr-AQG attempts to inject ldcore.dll into every running process.

ldcore.dll includes functionality to access the internet and communicate with a remote server via HTTP, and to download, install and run new software.

Troj/Dloadr-AQG creates following registry entry, causing the Dll to be executed with system startup:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
AppInit_DLLs
<System>\ldcore.dll

The following registry entries are created or modified:

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
EnableNegotiate
1

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy