Dropped:Trojan.Generic.1561399

( Trojan.Win32.Agent2.flp, TR/Agent2.flp )

Spreading:	medium
Damage:	low
Size:	~34 KB
Discovered:	2009 Mar 18

SYMPTOMS:

Windows Defender is unable to run anymore.

TECHNICAL DESCRIPTION:

This relatively small executable is most probably just a part of a larger-scale malware attack. When run, it checks under HKLM\System\CurrentControlSet for the WinDefend service (belonging to Microsoft Windows Defender) and disables this service, leaving the user without Windows Defender's protection and making the system more vulnerable to other malware threats.

Removal instructions:

Please let BitDefender disinfect your files.

ANALYZED BY:

Marius Vanta, virus researcher

Intelligence Report Archives

Virus Encyclopedia
Real-time Virus Reporting
Security rules
Naming Convention

Quick Links » New Game Safe » Renew License » Self Service » Free Online Scanner