Selected viruses, spyware, and other threats: sorted alphabetically
Short descriptionWin32/Agent.QZG is a trojan which tries to download other malware from the Internet. The file is run-time compressed using UPX.
InstallationWhen executed, the trojan copies itself into the following location:
- %windir%expmodule.exe (19456 B)
- %system%wmmest.dll (14336 B)
- [HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersion
"Shell" = "expmodule.exe"
Other informationThe trojan creates and runs a new thread with its own program code within the following processes:
It can execute the following operations:
- download files from a remote computer and/or the Internet
- run executable files
- remove itself from the infected computer
- computer name
- list of disk devices and their type
The trojan may turn off the computer.