Summary
Trojan-Downloader:W32/Tiny.GG attempts to download and install other malware to the system.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
Technical Details
Trojan-Downloader:W32/Tiny.GG arrives on the system as a downloaded file of Exploit:W32/Ani.D. See the description for Exploit:W32/Ani.C for additional details.Upon execution, it launches Internet Explorer by using the following hard-coded path:
- C:\program files\Internet Explorer\Iexplore.exe
It then injects code to the Internet Explorer process to download and execute another file from the following site:
- http://www.ticp.co.kr/images/image/[REMOVED].exe
The downloaded file is already detected as Trojan.Win32.Agent.ads since database update version 2007-03-30_04.
Detection
F-Secure Anti-Virus detects this malware with the following updates:
Detection Type: PC
Database: 2007-03-30_03
Submit a sample
Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)
F-Secure Community
Give advice. Get advice. Share the knowledge on our free discussion forum.