This is a generic detection for a family of Trojan downloaders. These malicious programs will download a range of other malicious programs from the Internet to the victim machine.
Programs from this family may create the following registry values:
[HKLMSOFTWAREDR_S] [HKCUSOFTWAREDR_S] [HKLMSOFTWAREClassesdrs.nuID] [HKCUSOFTWAREClassesdrs.nuID]
All programs in this family have an identical way of getting URLs from where they will download additional malicious programs. Every 30 minutes a program from this family will download a file from, for instance, http://www.adzhooter.com/DR_S/gSD.html. This file contains addresses which direct the Trojan to other sites where it can download additional malicious programs:
|Find out the statistics of the threats spreading in your region|