Troj/DwnLdr-HHF

Category:	Viruses and Spyware	Protection available since:	28 Aug 2008 01:00:50 (GMT)
Type:	Trojan	Last Updated:	28 Aug 2008 01:00:50 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/DwnLdr-HHF is a Trojan for the Windows platform.

When run Troj/DwnLdr-HHF copies itself to:
<System>\<random characters>.exe

and creates the files:
<System>\<random characters>.scr - detected as Troj/FakeAle-FK
<System>\<random characters>.bmp - detected as Troj/FakeAV-CD

Troj/DwnLdr-HHF sets the following registry entries:

HKCU\Control Panel\Desktop
OriginalWallpaper
<System>\<random characters>.bmp

HKCU\Control Panel\Desktop
SCRNSAVE.EXE
<System>\<random characters>.scr

HKCU\Control Panel\Desktop
Wallpaper
<System>\<random characters>.bmp

HKCU\Control Panel\Desktop
WallpaperStyle
0

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore
DisableSR
0

HKCU\Control Panel\Desktop
ConvertedWallpaper
<System>\<random characters>.bmp

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
NoDispBackgroundPage
1

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
NoDispScrSavPage
1

HKCU\Software\Sysinternals\Bluescreen Screen Saver
EulaAccepted
1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<random characters>.exe
<System>\<random characters>.exe

Registry changed are made under:

HKLM\SYSTEM\CurrentControlSet\Services\sr\

Try Sophos products for free
Download now

Troj/DwnLdr-HHF

Free Mac Anti-Virus

Popular topics