Troj/DwnLdr-FYD

Category: Viruses and Spyware Protection available since:19 Jan 2007 00:00:00 (GMT)
Type: Trojan Last Updated:19 Jan 2007 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/DwnLdr-FYD is a downloader Trojan for the Windows platform.

When run Troj/DwnLdr-FYD creates the following files:

<System>\peers.ini - this file can be safely deleted
<System>\wincom32.sys - this file is detected as Troj/DwnLdr-FYD

Troj/DwnLdr-FYD is registered as a new system driver service named "wincom32" with a display name of "wincom32" and a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINCOM32\
HKLM\SYSTEM\CurrentControlSet\Services\wincom32\

Troj/DwnLdr-FYD includes functionality:

- to download code from the internet
- attach code to the process SERVICES.EXE

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy