SHARE
THIS ON

Facebook Twitter Google Plus

Trojan.IFrame.AQ

MEDIUM
MEDIUM
varies
()

Symptoms

This is a script virus, and due to it's generic nature, there are no obvious symptoms. However, unusual internet traffic might be observed, as well as suspicious running processes and unwanted files.

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

Cristian Lungu, virus researcher

Technical Description:

Trojan.IFrame.AQ is a small html code that opens a hidden browser window from address http://(removed)/test/test.html containing an Adodb.Stream exploit (detected by BitDefender as Exploit.ADODB.Stream.BU), which downloads and executes a binary file (also detected as Generic.Malware.dld!!.90566892). These files is a file that downloads from http://(removed)/000/ the file dnlsvc.exe (detected as Trojan.Hacktool.Rootkit.BR) and instals it.