Home > General > Trojan-Downloader.Win32.Agent.dkcd


What to do now Manual removal is not recommended for this threat. You may also refer to the Knowledge Base on the F-Secure Community site for more information. The downloaded malware is currently detected as Rootkit.Win32.Agent.ey and makes the infected machine act as an e-mail spam bot. Technical Details Execution Trojan-Downloader:W32/Agent.BRK drops the following driver component once it has been executed: %sysdir%\drivers\runtime.sys The component is detected as Rootkit.Win32.Agent.dw. Source

About DrayTek DrayTek Corp., founded in 1997, is a global provider of comprehensive network security, remote access and VoIP solutions for residential/small office and Small and Medium Enterprises(SME) use. More comments Leave your comment... ? All other names and brands are registered trademarks of their respective companies. Learn More About About Company News Investors Careers Offices Labs Labs Labs blog Latest threats Remove threats Submit a sample Beta programs Support Support Knowledge base Software updates Community Support Tools More hints

Windows 10, Windows 8.1, Windows 7 SP1, and Vista SP2 English, French, Italian, German and Spanish. [email protected] KL_003_110_000 (VP5300, VP5500) D-SWAT ****************************************************** Signature Version : KL_003_110_000 Release Date : May 14, 2015 Applied Models : VigorPro 5300, 5500 Series ****************************************************** DT-AI Total: 2,790 KL-AV Total: 1,463 KL-AV Compressed file Inner file SHA256: defbd45c0df94163924f61d2380da95c3e1086204fbaadd6ad274921565bb0e2 File name: orthos_exe_20060420.zip Detection ratio: 1 / 42 Analysis date: 2011-06-14 23:59:10 UTC ( 5 years, 7 months ago ) View latest Probably harmless! Win32/Agent downloads unwanted software from a remote Web site.

Dynamic updates for both technologies are provided automatically - free of charge to all ESET customers. Registry Changes Trojan-Downloader:W32/Agent.BRK may create any of the following mutex while active: k4j.32H_f7z_Z6e.g8G0 y8w.61T_i0b_Q3f.l4R7 SUBMIT A SAMPLE Suspect a file or URL was wrongly detected? All Rights Reserved. To meet the needs of customers for quality and cost-effectiveness, DrayTek, with technologies integrated with real-time Anti-Virus/Anti-Intrusion system, VPN, VoIP and xDSL broadband access, has successfully delivered total network protection worldwide.

All other names and brands are registered trademarks of their respective companies. It combines the industry's most advanced heuristics with generic signatures for the best proactive and precise protection available. Removal Automatic action Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action. https://www.f-secure.com/v-descs/trojan-downloader_w32_agent_brk.shtml For more information, please visit the company's website at http://www.draytek.com.

Firewall alerts may trigger, giving an indication that a program is unexpectedly attempting to contact a remote Web site. or ESET North America. next » Pageof 12 NOD32 - v.12214 (September 7, 2015) Total: 111 (7 Android, 4 BAT, 1 HTML, 1 Java, 1 JS, 22 MSIL, 1 NSIS, 3 VBS, 71 Win32) Android/Iop.J, Find out more about VirusTotal Community.

New - Anti-Phishing Protection for Chrome. https://myvigor.draytek.com/DSWAT/press_1.php?ID=4512 For Home For Business For Partners Labs Home News News From the Labs Incidents Calendar Tools & Beta Tools & Beta Flashback Removal Database Updates Rescue CD Router Checker iOS Check Interesting properties The studied file contains at least one Portable Executable. Sign in Join the community No votes.

You must have to REGISTER before you can post: Click the register link above to proceed. this contact form Email: Recover password Cancel × Join VirusTotal Community Interact with other VirusTotal users and have an active voice when fighting today's Internet threats. What's New? Sign in AccountManage my profileView sample submissionsHelpMalware Protection CenterSearchMenuSearch Malware Protection Center Search Microsoft.com Search the Web AccountAccountManage my profileView sample submissionsHelpHomeSecurity softwareGet Microsoft softwareDownloadCompare our softwareMicrosoft Security EssentialsWindows DefenderMalicious Software

Share the knowledge on our free discussion forum. Activity Trojan-Downloader:W32/Agent.BRK launches an instance of Microsoft Internet Explorer as a hidden process with its code injected into the process. Only registered users can leave comments, sign in and have a voice! have a peek here March 30th, 2010 #5 terzhagy Guest Re: Trojan-Downloader.Win32.Agent.dkcd Thanks for the help!

Top Threat behavior TrojanDownloader:Win32/Agent is family of Trojan downloaders. The content could include anything from additional downloader Trojans, to imitation security programs.   For example, when a variant of TrojanDownloader:Win32/Agent is run, it may perform the following actions: Drop a file Prevention Take these steps to help prevent infection on your computer.

The downloaded content could include anything from additional downloader Trojans, to imitation security programs.

Cancel Sign in KL_003_121_000 (VP100) D-SWAT ****************************************************** Signature Version : KL_003_121_000 Release Date : August 10, 2015 Applied Models : VigorPro 100 Series ****************************************************** DT-AI Total: 1,986 KL-AV Total: 561 KL-AV More scanning & removal options More information on the scanning and removal options available in your F-Secure product can be found in the Help Center. Until you can find more info about the infection, you can send the file to Kaspersky for evaluation as described here: http://forums.zonealarm.com/showthread.php?t=70505 Explain your results at virustotal.com and see what they s r.o.

The downloaded file is then saved as: %sysdir%\[number]_exception.nls The variable [number] is any number from 0 - 9. The time now is 06:08 AM. 2003-2016 Check Point Software Technologies Ltd. DOWNLOAD NOW Most Popular MalwareCerber [email protected] Ransomware'[email protected]' RansomwareRansomware.FBI MoneypakRevetonNginx VirusKovter RansomwareDNS ChangerRandom Audio Ads VirusGoogle Redirect Virus Top TrojansHackTool:Win32/KeygenJS/Downloader.Agent New Malware RansomPlus RansomwareNetflix RansomwareCryptConsole Ransomware‘.Merry File Extension' RansomwareZekwaCrypt RansomwareLataRebo Locker Ransomware‘.potato Check This Out I've tried searching for this file, but could not find any information on Trojan-Downloader.Win32.Agent.dkcd.

For more information, please visit the company's website at http://www.draytek.com. Get advice. Competition | Press Center | ESET Blog | Threat Center | Support | Careers All Products: Select Product ESET Multi-Device Security ESET Smart Security ESET NOD32 Antivirus ESET Cyber Security Pro Virus signature database updates ThreatSense is the anti-threat engine that powers all ESET products.

It may help you determine if the detection is real or a false positive. It also replaces the file for the Microsoft Windows IPv6 Windows Firewall Driver service: %sysdir%\drivers\ip6fw.sys The file is replaced with a copy of Rootkit.Win32.Agent.dp. I uploaded orthos.eve to virustotal.com and it came back with 5 hits out of 42. Here are the instructions how to enable JavaScript in your web browser.

March 30th, 2010 #2 garywa Guest Re: Trojan-Downloader.Win32.Agent.dkcd Upload the file to http://www.virustotal.com/ It will scan the file and give you a report. s r.o. . : , 115280, . , . , . 26. : +7 (495) 803-36-16 No one has voted on this item yet, be the first one to do so! Trojan-GameThief.Win32.Magania.cmak Aliases Share: More Name Engine (Suspicious) - DNAScan CAT-QuickHeal 45670 PCTools 49565 PCTools a variant of Win32/AutoRun.PSW.OnlineGames.BL NOD32 a variant of Win32/Kryptik.IMJ NOD32 a variant of Win32/Pacex.Gen NOD32 a variant

Fixed: VC 14 Redistributable installation issue.