Troj/Mdrop-CSW

Category: Viruses and Spyware Protection available since:24 Jul 2010 09:05:06 (GMT)
Type: Trojan Last Updated:24 Jul 2010 09:05:06 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Mdrop-CSW is a Trojan for the Windows platform.

Troj/Mdrop-CSW includes functionality to access the internet and communicate with a remote server via HTTP.

Troj/Mdrop-CSW communicates via HTTP with the following locations:

intelore . com

When Troj/Mdrop-CSW is installed the following files are created:

<Program Files>\Intelore\RAR-PR\rsproc.dll
<Program Files>\Intelore\RAR-PR\uninstall.exe
<Program Files>\Intelore\RAR-PR\unrpros.dll
<Program Files>\Intelore\RAR-PR\uraext2x.dll
<Program Files>\Intelore\RAR-PR\uraext3x.dll
<Program Files>\Intelore\RAR-PR\urapwd2x.dll
<Program Files>\Intelore\RAR-PR\urpwdr11rc16.exe
<Root>\downloader.exe.exe
<Root>\Setup.exe

Registry entries are created under:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Intelore - RAR Password Recovery
HKCU\Software\Intelore

Troj/Mdrop-CSW provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "RAR Password Recovery v1.1 RC16 (remove only)".

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy