Internet threat level: 1
Home→Descriptions→Trojan-Dropper.Win32.Small.fz
Trojan-Dropper.Win32.Small.fz
| Detected | Apr 13 2004 15:41 GMT |
| Released | Apr 13 2004 15:41 GMT |
| Published | Feb 26 2007 09:42 GMT |
Payload
Removal instructions
Technical Details
This Trojan is designed to install and launch other programs on the victim machine without the user’s knowledge or consent. This Trojan is a Windows PE EXE file. It is 16,377 bytes in size.Payload
Once launched, the Trojan extracts two files from its body to the Windows root directory. The files will then be launched for execution. The file names are randomly generated.
The first file will have an .exe extension, and will be detected by Kaspersky Anti-Virus as Trojan.Win32.Pandora.l.
The second file will have a .jpg extension. It contains an image which, once the file has been extracted, will be displayed on screen using an application to view graphical files. This is designed to distract the user from the first file being launched.
Removal instructions
If your computer does not have an up-to-date antivirus, or does not have an antivirus solution at all, follow the instructions below to delete the malicious program:
- Delete the original Trojan file (the location will depend on how the program originally penetrated the victim machine).
- Delete the files the Trojan saved to the Windows root directory.
- Update your antivirus databases and perform a full scan of the computer (download a trial version of Kaspersky Anti-Virus).
Trojan-Dropper programs are designed to secretly install malicious programs built into their code to victim computers.
This type of malicious program usually save a range of files to the victim’s drive (usually to the Windows directory, the Windows system directory, temporary directory etc.), and launches them without any notification (or with fake notification of an archive error, an outdated operating system version, etc.).
Such programs are used by hackers to:
- secretly install Trojan programs and/or viruses
- protect known malicious programs from being detected by antivirus solutions; not all antivirus programs are capable of scanning all the components inside this type of Trojans.
Trojan-Dropper.
- TrojanDropper.
Win32. Small. fz (Kaspersky Lab) - Trojan:
MultiDropper-DN. gen (McAfee) - Troj/Small-FZ (Sophos)
- Trojan.
Dropper. Small. Fz (ClamAV) - Trojan Horse (Panda)
- W32/Dropper.
JN (FPROT) - TrojanDropper:
Win32/Small. FZ (MS(OneCare)) - Trojan.
MulDrop. 366 (DrWeb) - Win32/TrojanDropper.
Small. FZ trojan (Nod32) - Generic.
Malware. P!Pk!. 8EF49F16 (BitDef7) - Win32:
Trojan-gen (AVAST) - Virus.
Win32. Trojan-Dropper. Small. FZ (Ikarus) - Dropper.
Small. 4. BA (AVG) - DR/Small.
FZ (AVIRA) - Trojan.
KillAV (NAV) - W32/Smalldrp.
FZ (Norman) - Dropper.
Small. fru (Rising) - TROJ_SMALL.
FZ (TrendMicro)
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.