Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Trojan-Downloader:JS/Agent.D


Aliases:


Trojan-Downloader:JS/Agent.D

Malware
Trojan-Downloader
JS

Summary

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.



Technical Details

Trojan-Downloader:W32/Agent.D is typically found on certain malicious sites.When activated, it downloads an EXE file from a website and saves it into the root directory of the C: drive. The downloaded file is then run.

The trojan also drops a file named CMD.BAT into the root directory of the C: drive. This BAT file is used for cleanup purposes only: it deletes the trojan's file from the hard disk.


Note

Technically. Agent.D's executable file is an HTML Application (HTA file). This file type is normally run by the MSHTA.EXE application, a program that comes standard with Windows.

While it is running, Agent.Dhides its window from the user when it is running by resizing the window to a zero size and preventing it from being visible in the Taskbar.







Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.

Scan and clean your PC




F-Secure Online Scanner will scan and clean your PC in just a few minutes for free