We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Backdoor:Win32/Agent.FS
Detected by Microsoft Defender Antivirus
Aliases: W32/Atraps.AGNL (Norman) Agent2.ALTC (AVG) TR/ATRAPS.Gen (Avira)
Summary
Backdoor:Win32/Agent.FS is a backdoor trojan that is installed in the system by TrojanDropper:Win32/Agent.gen!I. It can gather Internet traffic information and perform commands issued by a remote attacker.
Manual removal is not recommended for this threat. To detect and remove this threat and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as Microsoft Security Essentials, or the Microsoft Safety Scanner. For more information about using antivirus software, see http://www.microsoft.com/security/antivirus/av.aspx.
Additional remediation instructions
This threat may make lasting changes to a computer’s configuration that are NOT restored by detecting and removing this threat. For more information on returning an infected computer to its pre-infected state, please see the following article/s:
- Using the system's recovery options to obtain a clean copy of <system folder>\mtxex.dll:
- For Windows XP: Installing and using the Recovery Console in Windows XP
- For Windows Vista: System Recovery Options in Windows Vista
- For Windows 7: System Recovery Options in Windows 7
- For other support and help related articles, go to:
- Windows 7: http://support.microsoft.com/gp/windows7
- Windows Vista: http://support.microsoft.com/ph/11732
- Windows XP: http://support.microsoft.com/ph/1173