Follow:

You have been re-routed to the Trojan:Win32/Agent write up because Trojan%3aWin32%2fAgent has been renamed to Trojan:Win32/Agent
 

Trojan:Win32/Agent


Trojan:Win32/Agent is a generic detection for a number of trojans that may perform different malicious functions. The behaviors exhibited by this family are highly variable.


What to do now

Manual removal is not recommended for this threat. Use Microsoft Windows Defender, Microsoft Security Essentials, the Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.

Threat behavior

Trojan:Win32/Agent is a generic detection for a number of trojans that may perform different malicious functions. The behaviors exhibited by this family are highly variable.
Installation
Due to the generic nature of this detection, methods of installation may vary. These trojans may often install themselves by copying their executable to the Windows or Windows system folders, and then modifying the registry to run this file at each system start. These trojans often modify the following subkey in order to accomplish this:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Payload
Again, the generic nature of this detection means that the Payloads performed by this group of trojans may be highly variable, and therefore difficult to describe specifically. This group of trojans has been observed to perform any, or all, of the following actions:
  • redirect Web traffic
  • manipulate certain Windows or third-party applications including settings or configurations
  • drop or install additional malicious programs
  • download and run additional malicious programs
Please note that this list is not exhaustive.

Symptoms

The behaviors exhibited by this group of trojans is highly variable - thus there are no symptoms specific to this detection.

Prevention


Alert level: Severe
First detected by definition: 1.45.287.0
Latest detected by definition: 1.177.494.0 and higher
First detected on: Oct 07, 2008
This entry was first published on: Jan 28, 2008
This entry was updated on: Apr 17, 2011

This threat is also detected as:
No known aliases