Internet threat level: 1
Home→Descriptions→Trojan-Dropper.Win32.Agent.bgn
Trojan-Dropper.Win32.Agent.bgn
| Detected | May 21 2007 12:27 GMT |
| Released | Nov 02 2007 04:51 GMT |
| Published | May 21 2007 12:27 GMT |
Payload
Removal instructions
Technical Details
This Trojan installs other programs to the victim machine without the knowledge or consent of the user. It is a Windows PE EXE file. The file is 6,536 bytes in size.Payload
This program is a Trojan constructor. Trojans which are constructed using this program will install other malicious software to the victim machine.
When launched, the Trojan displays the following dialogue box:
When the malicious user clicks on create, the constructor will create a file called Result.exe in its working directory. This file is a Trojan program. When this Trojan is launched, it will extract all files places within its body to the Windows temporary directory and launch them for execution.
Removal instructions
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
- Use Task Manager to terminate the Trojan process.
- Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
- Delete the files the Trojan saved to the Windows temporary directory.
- Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
Trojan-Dropper programs are designed to secretly install malicious programs built into their code to victim computers.
This type of malicious program usually save a range of files to the victim’s drive (usually to the Windows directory, the Windows system directory, temporary directory etc.), and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.).
Such programs are used by hackers to:
- secretly install Trojan programs and/or viruses
- protect known malicious programs from being detected by antivirus solutions; not all antivirus programs are capable of scanning all the components inside this type of Trojans.
Trojan-Dropper.
- Trojan.
Dropper-899 (ClamAV) - Trj/Downloader.
MDW (Panda) - W32/Dropper.
ENA (FPROT) - Trojan:
Win32/Meredrop (MS(OneCare)) - Trojan.
MulDrop. 7418 (DrWeb) - Win32:
LdPinch-BFL (AVAST) - Trojan-Dropper.
Win32. Agent. bgn (Ikarus) - Dropper.
Agent. EEY (AVG) - TR/Drop.
Agent. KP. 9 (AVIRA) - Trojan Horse (NAV)
- TROJ_AGENT.
UKU (PCCIL) - Dropper.
Win32. Agent. bgn (Rising)
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.