Troj/Agent-QXD

    Category: Viruses and SpywareProtection available since:28 Mar 2011 05:42:56 (GMT)
    Type: TrojanLast Updated:28 Mar 2011 05:42:56 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Troj/Agent-QXD exhibits the following characteristics:

    File Information

    Size
    596K
    SHA-1
    ba91dda3cb76d09b515562c3822bb48fdd3edad4
    MD5
    0070031a6dd79ee95cd8b89711edf9cc
    CRC-32
    c7637dc8
    File type
    application/x-ms-dos-executable
    First seen
    2011-02-24

    Other vendor detection

    Avira
    TR/Crypt.XPACK.Gen3
    Kaspersky
    Trojan.Win32.Diple.cxq

    Runtime Analysis

    Copies Itself To
    • C:\WINDOWS\system32\adload4C.dll
    • c:\Documents and Settings\test user\Start Menu\Programs\Startup\scanedisknk73.dll
    • c:\Documents and Settings\test user\adload4C.dll
    Dropped Files
    • c:\Documents and Settings\test user\Start Menu\Programs\Startup\scandisk.lnk
      Size
      701
      SHA-1
      8cd711de712eb4c4447714bd30da102bec617fa1
      MD5
      0b7b1746fbd5f5c7cb72420b49bf6252
      CRC-32
      e56b871c
      File type
      application/octet-stream
      First seen
      2011-01-05
    Registry Keys Created
    • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      NvCplDaemonTool
      rundll32.exe C:\WINDOWS\system32\adload4C.dll,_IWMPEvents
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
      NvCplDaemonTool
      rundll32.exe C:\DOCUME~1\support\adload4C.dll,_IWMPEvents

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection