Date Discovered: 3/5/2004
Date Added: 3/23/2004
Origin: Unknown
Length: 7680
Type: Trojan
SubType: Downloader
Virus Characteristics
When executed on the victim machine, this downloader trojan attempts to download files.
The trojan is UPX packed.
When run, the trojan attempts to disable security software. It targets processes that use the following names:
- update.exe
- explorer.exe
- winlogon.exe
- system.exe
- taskman.exe
- taskmon.exe
- svchost.exe
- services.exe
- wupdmgr.exe
- winspool.exe
- webcheck.exe
- wininet.exe
It copies itself to the WINDOWS + "SYSTEM" directory and creates a registry run key to load itself at system startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
"System Update" = c:\Windows\System\%Trojan File Name%
More: http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=101129
 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
General discussion
Downloader-HZ
Discussion is locked
CNET Forums
Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Roadshow Autos
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic