Trojan-Downloader.Java.Agent.mm

Removal Instructions

If your computer has not been protected with anti-virus software and has been infected with malware, you will need to take the following actions to delete this:

  1. Delete the original program file (its location on the infected computer will depend on how the program got onto the computer).
  2. Delete the file downloaded by the trojan:
    %Temp%\C7D8U2X8.exe
  3. Run a full Kaspersky Antivirus scan of the computer with updated antivirus databases (download trial version).

Payload

When launching, the trojan downloads a file from the internet using the following link:

http://***controllers.nl/box/hzf.exe

The link did not work when creating the description.


This file is saved in the current user's temporary file directory under the following name:

%Temp%\C7D8U2X8.exe

The trojan then launches the downloaded file.

The trojan then launches the downloaded file and shuts down.

Technical Details

A trojan program that downloads files from the internet without the user's knowledge and launches them. It is a Java-archive (JAR-file). 2832 bytes.