Troj/DwnLdr-GUT

Aliases	Trojan-Downloader.Win32.Small.ejw Win32/Agent.NEO
Category	Viruses and Spyware
Type	Trojan
What to do	If you've received an alert for a virus or spyware, then follow the instructions for removing the threat.
Prevalence	low high

Summary

Summary
Action
More Information


Affected operating systems	Windows
Included in our products from	July 2007 (4.19)
Protection available since	21 May 2007 06:25:40 (GMT)
Last updated	21 May 2007 16:29:33 (GMT)
Detected by	All Sophos products

Action

Summary
Action
More Information

Please follow the instructions for removing Trojans.

More Information

Summary
Action
More Information

Troj/DwnLdr-GUT is a downloader Trojan for the Windows platform.

Troj/DwnLdr-GUT includes functionality to download, install and run new software. However, at the time of writing the site requested was not available.

When first run Troj/DwnLdr-GUT copies itself to <System>\<Random Filename>.exe and creates the file <System>\<Random Filename>.dll.

The executable file is registered as a new service named "9F9DF57C", with a startup type of automatic, so that it is started automatically during system startup. Registry entries are created under:
HKLM\SYSTEM\CurrentControlSet\Services\9F9DF57C
and
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_9F9DF57C

Get reports about the latest virus and spyware threats delivered to your computer

In this section

Troj/DwnLdr-GUT

Summary

Action

More Information