This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Trojan-Downloader:W32/Small.EKV attempts to download and install other malware to the system. Small.EKV arrives on the system as a downloaded file of Exploit:W32/Ani.C.
Upon execution, it launches Internet Explorer by using the following hard-coded path:
- C:\program files\Internet Explorer\Iexplore.exe
It then injects the code to Internet Explorer and proceeds to download and execute another file from the following site:
The site listed above is currently inaccessible as of the time of this writing.
F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC