ETPRO MALWARE Trojan.Llac.Win32 PUP Activity

Description:

• http://www.enigmasoftware.com/trojanwin32llacbdm-removal/

False Positive:

• MAYBE
• The IP belongs to a CDN and is effectively shared across many service providers.
• The domain being accessed is www.kqzyfj.com.
• This domain is closely associated with Adware InstallCore.
• It isn't clear if this is the more dangerous Llac Trojan or if it's just InstallCore.
• The Llac Trojan has very little available information.

Action:

• Alarm