Dropped:Trojan.Generic.1561399
MEDIUM
LOW
~34 KB
(Trojan.Win32.Agent2.flp, TR/Agent2.flp)
Symptoms
Windows Defender is no longer able to run.
Removal instructions:
Please let BitDefender disinfect your files.
Analyzed By
Marius Vanta, virus researcher
Technical Description:
This relatively small executable is most probably just a part of a larger-scale malware attack. When run, it checks under HKLM\System\CurrentControlSet for the WinDefend service (belonging to Microsoft Windows Defender) and disables this service, leaving the user without Windows Defender's protection and making the system more vulnerable to other malware threats.