Microsoft security software detects and removes this threat.

This a generic detection for trojans that install and run malware on your PC. These trojans have been deliberately created in a complex way to hide their purpose and make them difficult to analyze.

Details for each Meredrop variant will vary and can include multiple components.

The malware installed by these trojans can can have any purpose, but they often connect to websites and download other malware.

What to do now

The following free Microsoft software detects and removes this threat:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

You can also visit the Microsoft virus and malware community for more help.

Threat behavior

Details for each Meredrop variant will vary and are not common for this trojan dropper.

Win32/Meredrop usually drops malware into the %windir% folder or the <system folder>, and runs them. Win32/Meredrop will then stop its own process and give control to its dropped malware components.

Some variants of trojan dropper Win32/Meredrop will delete itself immediately after dropping malware. Other variants create autostart registry entries for its dropped programs.


Alerts from your security software may be the only symptom.

A common result from running the trojan are multiple and additionally installed malware including trojans or backdoors, and sometimes worms.


Alert level: Severe
First detected by definition:
Latest detected by definition: 1.209.1114.0 and higher
First detected on: Oct 07, 2008
This entry was first published on: Nov 23, 2007
This entry was updated on: Nov 25, 2013

This threat is also detected as:
  • MultiDropper-GP.d (McAfee)
  • Trojan.Dropper.Agent.BAM (AVG)