Troj/DwnLdr-HLK

Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Affected operating systems	Windows
Included in our products from	February 2009 (4.38)
Protection available since	3 December 2008 07:24:44 (GMT)
Detected by	All Sophos products

Action

Summary
Action
More Information

Please follow the instructions for removing Trojans.

More Information

Summary
Action
More Information

Troj/DwnLdr-HLK is a Trojan for the Windows platform. When run Troj/DwnLdr-HLK creates the following registry entries:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star1
<System>\Winrun.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star2
<System>\ischot.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star3
<System>\Xred1.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star4
<System>\Zred2.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star6
<System>\MscheldB.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star7
<System>\Mscheldncx.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
star8
<System>\svscheld.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
msne
<path to Trojan executable>

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Troj/DwnLdr-HLK

Summary

Action

More Information