Troj/ParDrop-A

Aliases	Trojan.Win32.Small.da Trojan.Win32.Small.cz TROJ_SMALL.RX
Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Affected operating systems	Windows
Characteristics	Drops more malware
Protection available since	1 November 2005 10:51:43 (GMT)
Detected by	All Sophos products

Free virus scan
Download the Threat Detection Test

Free virus, spyware, and adware scan
Test your existing anti-virus protection
Find threats your anti-virus missed

Action

Summary
Action
More Information

Please follow the instructions for removing Trojans.

More Information

Summary
Action
More Information

Troj/ParDrop-A is a dropper Trojan for the Windows platform.

When first run, Troj/ParDrop-A creates the following files (these files have their read-only, hidden file attributes set):

<System>\explore.exe - detected as Troj/ParDrop-A
<Temp>\<random filename>.tmp - detected as Troj/ParDrop-A
<System>\inetinfo.exe - detected as W32/Parite-B
<System>\svids.dll - data file which may be safely deleted

Troj/ParDrop-A then attempts to load the W32/Parite-B virus by running the file <System>\inetinfo.exe. Troj/ParDrop-A is a dropper Trojan for the Windows platform.

When first run, Troj/ParDrop-A creates the following files (these files have their read-only, hidden file attributes set):

Troj/ParDrop-A then attempts to load the W32/Parite-B virus by running the file <System>\inetinfo.exe.

Troj/ParDrop-A also sets the following registry entry to run the W32/Parite-B virus:

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
System
<System>\inetinfo.exe

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Troj/ParDrop-A

Summary

Action

More Information