1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Labs
  2. Threats
  3. Virus and threat descriptions
  4. Trojan-Downloader:W32/Agent.BTF

Trojan-Downloader:W32/Agent.BTF

Name : Trojan-Downloader:W32/Agent.BTF
Size:54784
Category:Malware
Type:Downloader, Trojan-Downloader, Adware
Platform:W32
Date of Discovery:June 07, 2007

Summary

Trojan-Downloader.Win32.Agent.btf downloads and silently installs a well known Rogue antispyware application named ContraVirus 2.0.

Additional Details

Agent.BTF attempts to download an installation package from the ContraVirus webpage.

It silently installs the ContraVirus application onto the infected machine.

It adds autorun launchpoints to:

  •   [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Update Svc"=
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Updater Servc"

Malware location:

  •  %system32%\xpuupdate.exe

Detection

F-Secure Anti-Virus detects this malware with the following updates:

[FSAV_Database_Version]

Version = 2007-06-11_04.