1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Labs
  2. Threats
  3. Virus and threat descriptions
  4. Trojan-Downloader:JS/Agent.D

Trojan-Downloader:JS/Agent.D

Name : Trojan-Downloader:JS/Agent.D
Category:Malware
Type:Trojan-Downloader
Platform:JS

Summary

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.

Additional Details

Trojan-Downloader:W32/Agent.D is typically found on certain malicious sites. When activated, it downloads an EXE file from a website and saves it into the root directory of the C: drive. The downloaded file is then run.

The trojan also drops a file named CMD.BAT into the root directory of the C: drive. This BAT file is used for cleanup purposes only: it deletes the trojan's file from the hard disk.



Note

Technically. Agent.D's executable file is an HTML Application (HTA file). This file type is normally run by the MSHTA.EXE application, a program that comes standard with Windows.

While it is running, Agent.D hides its window from the user when it is running by resizing the window to a zero size and preventing it from being visible in the Taskbar.