Troj/Pushdo-AI

Aliases	Trojan-Dropper.Win32.Agent.ajkv
Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Affected operating systems	Windows
Protection available since	24 March 2009 17:09:53 (GMT)
Detected by	All Sophos products

Free virus scan
Download the Threat Detection Test

Free virus, spyware, and adware scan
Test your existing anti-virus protection
Find threats your anti-virus missed

Action

Summary
Action
More Information

Please follow the instructions for removing Trojans.

More Information

Summary
Action
More Information

Troj/Pushdo-AI is a password stealing Trojan for the Windows platform.

When first run Troj/Pushdo-AI installs the following file which is detected separately as Troj/Rootkit-FJ:

<System>\drivers\nicsk32.sys

The file nicsk32.sys is registered as a new service named "nicsk32". Registry entries are created under:

HKLM\SYSTEM\CurrentControlSet\Services\nicsk32

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Sophos blogs

Troj/Pushdo-AI

Summary

Action

More Information