Troj/Docker-Gen

Category:	Viruses and Spyware	Protection available since:	10 Sep 2010 19:26:15 (GMT)
Type:	Trojan	Last Updated:	10 Sep 2010 19:26:15 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Summary

Troj/Docker-Gen is a Trojan.

Troj/Docker-Gen typically deletes the following registry entries:

HKCU\Software\Microsoft\Office\10.0\Word\Resiliency
DisabledItems

HKCU\Software\Microsoft\Office\10.0\Word\Resiliency
StartupItems

HKCU\Software\Microsoft\Office\10.0\Word\Resiliency
DocumentRecovery

HKCU\Software\Microsoft\Office\11.0\Word\Resiliency
DisabledItems

HKCU\Software\Microsoft\Office\11.0\Word\Resiliency
StartupItems

HKCU\Software\Microsoft\Office\11.0\Word\Resiliency
DocumentRecovery

Troj/Docker-Gen usually attempts to terminate processes including the following:

winword.exe
drwatson.exe
drwtsn32.exe
dw20.exe

Examples of Troj/Docker-Gen include:

Example 1

File Information

Size: 39K
SHA-1: 4ea6202200ca245cf12e26a0c91199092fbde0fc
MD5: e0a8849a503a2d05ba071558aab1cf27
CRC-32: 5d6e76f8
File type: application/x-ms-dos-executable
First seen: 2010-09-05

Other vendor detection

Kaspersky: Trojan.Win32.Agent.aclb

Runtime Analysis

Processes Created

c:\windows\system32\cmd.exe

Example 2

File Information

Size: 39K
SHA-1: d0501d8310b73b46304ce77235a2e903dc4ca80d
MD5: 91ab1a391714cf4e71d6d765d105c011
CRC-32: 5c4c16e7
File type: application/x-ms-dos-executable
First seen: 2010-09-10

Other vendor detection

Kaspersky: Trojan-Spy.Win32.Laproy.ax

Runtime Analysis

Processes Created

c:\windows\system32\cmd.exe

Try Sophos products for free
Download now

Troj/Docker-Gen

Summary

Example 1

File Information

Other vendor detection

Runtime Analysis

Processes Created

Example 2

File Information

Other vendor detection

Runtime Analysis

Processes Created

Free Mac Anti-Virus

Popular topics