The Web    Google
7/23: Dluca-CQ an Adware Application

7/23: Dluca-CQ an Adware Application
July 23, 2004

Troj/Dluca-CQ is an adware application, according to Sophos.

The Trojan copies itself to the location:
C:\Program Files\Internet Optimizer\optimize.exe
and creates the following registry entry in order to be run on startup:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Internet Optimizer
= \"C:\Program Files\Internet Optimizer\optimize.exe\"

The Trojan also creates registry entries in the following locations:

HKCU\Software\Avenue Media\
HKCU\Software\Policies\Avenue Media\
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer\
HKLM\SOFTWARE\Policies\Avenue Media\

The Trojan may execute files downloaded without the user's consent.

  • 2/10: Mydoom-AS a Mass-Mailing Worm
  • Critical Flaws Flagged in Mozilla, Thunderbird
  • 7/30: Tompai-A Has Backdoor Functionality
  • Exploring Windows 2003 Security: IP Security
  • A Jump on Security Advisories (For a Fee)
  • Virus Alert Activity Intensifies
  • 11/29: QLowZones-2 Modifies IE Settings
  • 3/30: Anicmoo-C Trojan Arrives in Package
  • Windows Server 2003: Hardware-Based Security
  • 'Land' Bug Back to Bedevil Microsoft Servers
  • Fighting to Keep Smut-Spam in a Brown Wrapper
  • Computer security background information