Protector Plus Download Antivirus
Home
Download Antivirus
Antivirus Products
Order Antivirus


Antivirus Software for Windows XP/2000/2003
Antivirus Software for Windows Me/98
Antivirus Software for Exchange 2000/2003
Antivirus Software for NetWare

W32/Bagle.QU Trojan

Name W32/Bagle.QU Trojan
Aliases TROJ_BAGLE.QU
Discovered on March 20, 2008

 Virus Information - W32/Bagle.QU Trojan:

W32/Bagle.QU is a trojan. The trojan will infect Windows systems.

Upon execution, the trojan copies itself as:

hldrrr.exe in the Windows System\drivers folder,
srosa.sys in the Windows System\drivers folder,
SOUNDMAN.exe in the Windows Temp folder.

The trojan modifies registry at the following location to load itself during each startup;

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa

The trojan also attempts to connect to remote web-sites to download malicious files.

The trojan may exhibit some Rootkit Capabilities like hiding files, processes, and/or registry entries.

It corrupts the file NTRTSCAN.EXE.

Anti virus for Windows Download Now!

Home Page Download Antivirus Antivirus Products Order Antivirus

Copyright © 2008 Proland Software.All rights reserved

antivirus software, anti virus software, anti virus, download antivirus, download anti virus, free antivirus, free anti virus, antivirus, download, free, windows, windows xp, xp, sp2, windows me, windows 2000, 98, 95, nt, me, 2003, netware, anti-virus, virus, worm, trojan, protector, plus, proland, virus software, spyware