Trojan.ADH.2 is a generic detection intended to identify new malware threats without relying on traditional anti-virus signatures. It denotes a malicious file or program that its author purposely morphed to hide its presence from anti-virus software. The Trojan does not self-replicate but tends to download additional malware from a remote server.
Damage Level: High
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Once a user executes Trojan.ADH.2, it infects various system files. The Trojan also replaces legitimate Windows files with its own harmful code, so it may load whenever an affected file is run on the system.
While the Trojan is running, it may perform other tasks that benefit other viruses. Trojan.ADH.2 may reduce security settings and disable the firewall on the computer, which allows any Internet traffic to pass through without restriction. The Trojan may also end security-related processes, causing antivirus programs to deactivate. Without these security measures, the affected computer is much more vulnerable to other virus attacks and intrusions.
The screenshot shows Symantec Antivirus detecting the Trojan in real time.
This kind of Trojan basically spreads through file-sharing networks. In most cases, the author of Trojan.ADH.2 embeds the code into legitimate executable files that are frequently downloaded from shared public servers. Using a sophisticated technique, it often conceals itself from antivirus applications. Spam email is another channel used to distribute the Trojan to unspecified targets; it may arrive as an attached file disguised as a legitimate document.