Troj/DwnLdr-GWV

    Category: Viruses and Spyware
    Type: Trojan
    Prevalence: No Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Troj/DwnLdr-GWV is a Trojan for the Windows platform.

    Troj/DwnLdr-GWV includes functionality to download, install and run new software.

    When first run Troj/DwnLdr-GWV copies itself to <Temp>\frmwrk.exe.

    Registry entries are set as follows:

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components
    GeneralFlags
    0

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
    CurrentState
    40000004

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
    Flags
    2

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
    FriendlyName
    My Current Home Page

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
    Source
    About:Home

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0
    SubscribedURL
    About:Home

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1
    CurrentState
    1

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1
    Flags
    3

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1
    FriendlyName
    Internet Explorer Channel Bar

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1
    Source
    131A6951-7F78-11D0-A979-00C04FD705A2

    HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\1
    SubscribedURL
    131A6951-7F78-11D0-A979-00C04FD705A2

    HKCU\Software\Microsoft\Internet Explorer\Desktop\General
    Wallpaper
    <System>\warn.htm

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection