Troj/Domcom-C

Aliases	Downloader-TW Trojan-Downloader.Win32.Domcom.b
Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Affected operating systems	Windows
Characteristics	Drops more malware
Protection available since	7 February 2005 23:01:21 (GMT)
Detected by	All Sophos products

Free virus scan
Download the Threat Detection Test

Free virus, spyware, and adware scan
Test your existing anti-virus protection
Find threats your anti-virus missed

Action

Summary
Action
More Information

Please follow the instructions for removing Trojans.

More Information

Summary
Action
More Information

Troj/Domcom-C is a dropper Trojan.

Troj/Domcom-C may drop and run two files, both detected as Troj/Domcom-A.

In order to run automatically each time Internet Explorer runs, Troj/Domcom-C will register itself as a Browser Help Object and set the following registry entries:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
Browser Helper Objects\(031B6D43-CBC4-46A5-8E46-CF8B407C1A33)

HKCR\CLSID\(031B6D43-CBC4-46A5-8E46-CF8B407C1A33)\InprocServer32
(Default)
<path to Trojan>

The following registry branches will be created:

HKCR\CLSID\(031B6D43-CBC4-46A5-8E46-CF8B407C1A33)
HKCR\Interface\(CC1725CD-1EFA-4D88-8987-5EBF66347856)
HKCR\TypeLib\(4A31E565-08CB-4272-8817-7BF729B6A96F)
HKCR\DownCom.CDownCom
HKCR\DownCom.CDownCom.1

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Troj/Domcom-C

Summary

Action

More Information