English
Log in
Search
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

HomeDescriptionsTrojan-Dropper.Win32.Small.amj

Trojan-Dropper.Win32.Small.amj

Detected Feb 25 2006 16:39 GMT
Released Feb 25 2006 16:39 GMT
Published Jan 21 2008 10:25 GMT

Technical Details
Payload
Removal instructions

Technical Details

This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user. It is a Windows PE EXE file. It is 86016 bytes in size. It is written in C++.


Payload

When launching, the Trojan extracts two files from its body and saves them as follows:

%System%\sysdb32.exe

This file is 3072 bytes in size. It will be detected by Kaspersky Anti-Virus as Trojan-Downloader.Win32.Tiny.ba.

%System%\tcpb32.exe

This file is 47104 bytes in size. It will be detected by Kaspersky Anti-Virus as Backdoor.Win32.IRCBot.nw.

These files will then be launched for execution.

The Trojan then creates a command interpreter packet file in the current user's temporary directory and launches it. This file will delete the original Trojan file and its body.


Removal instructions

If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:

  1. Delete all files created by the Trojan.
    %System%\sysdb32.exe
    %System%\tcpb32.exe
  2. Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).


Print
Bookmark and Share
Share
Trojans
Trojan-Dropper

Trojan-Dropper programs are designed to secretly install malicious programs built into their code to victim computers.

This type of malicious program usually save a range of files to the victim’s drive (usually to the Windows directory, the Windows system directory, temporary directory etc.), and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.).

Such programs are used by hackers to:

  • secretly install Trojan programs and/or viruses
  • protect known malicious programs from being detected by antivirus solutions; not all antivirus programs are capable of scanning all the components inside this type of Trojans.

Other versions
Trojan-Dropper.Win32.Small.aal
Trojan-Dropper.Win32.Small.af
Trojan-Dropper.Win32.Small.anx
Trojan-Dropper.Win32.Small.at
Trojan-Dropper.Win32.Small.aw
Trojan-Dropper.Win32.Small.bc
Trojan-Dropper.Win32.Small.bdx
Trojan-Dropper.Win32.Small.cb
Trojan-Dropper.Win32.Small.cm
Trojan-Dropper.Win32.Small.cw
Trojan-Dropper.Win32.Small.dl
Trojan-Dropper.Win32.Small.do
Trojan-Dropper.Win32.Small.dr
Trojan-Dropper.Win32.Small.du
Trojan-Dropper.Win32.Small.enw
Trojan-Dropper.Win32.Small.es
Trojan-Dropper.Win32.Small.ez
Trojan-Dropper.Win32.Small.fe
Trojan-Dropper.Win32.Small.ff
Trojan-Dropper.Win32.Small.fj
Trojan-Dropper.Win32.Small.fp
Trojan-Dropper.Win32.Small.fz
Trojan-Dropper.Win32.Small.go
Trojan-Dropper.Win32.Small.hy
Trojan-Dropper.Win32.Small.ig
Trojan-Dropper.Win32.Small.jp
Trojan-Dropper.Win32.Small.k
Trojan-Dropper.Win32.Small.kv
Trojan-Dropper.Win32.Small.lg
Trojan-Dropper.Win32.Small.o
Trojan-Dropper.Win32.Small.p
Trojan-Dropper.Win32.Small.ra
Trojan-Dropper.Win32.Small.rd
Trojan-Dropper.Win32.Small.wb
Trojan-Dropper.Win32.Small.wz
Trojan-Dropper.Win32.Small.xj
Trojan-Dropper.Win32.Small.yt

© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.

kaspersky.com

Products

eStore

Threats

Downloads

Support

Partners

About Us

Search

securelist.com

Threats

Analysis

Blog

Descriptions

Glossary

RSS feeds

Contacts

Search