Malware Trojan.Win32.Agent.gwvg – Trojan has a destructive effect on the user’s computer.
Technical details
Trojan has a destructive effect on the user’s computer. The program itself is a Windows (PE EXE-file). 45056 bytes in size. It is written in Delphi.
Destructive activity
After starting the Trojan will search for and delete the following files:
% System% \ autentica.jpg% System% \ autent.jpg% System% \ autentinfo.jpg% System% \ txt.jpg% System% \ ct.jpg% System% \ cts.jpg% System% \ cx.jpg% System% \ sound34.exe% System% \ sound34.txt% System% \ Explorer64.exe% System% \ Explorer64.txt% System% \ Explorer66.exe% System% \ Explorer66.txt% System% \ driver.exe% System % \ driver.txt% System% \ hot.exe% System% \ hot.txt% System% \ hotm.exe% System% \ hotm.txt% System% \ or.exe% System% \ or.txt% System% \ drives.exe% System% \ drives.txt% WinDir% \ imolav.exe% WinDir% \ imolav.tmz% WinDir% \ imola.exe% WinDir% \ imola.tmz% WinDir% \ ie32.exe% WinDir% \ ie32.tmz% WinDir% \ ie512.exe% WinDir% \ ie512.tmz% WinDir% \ ie512b.exe% WinDir% \ ie512b.tmz% WinDir% \ ie64.exe% WinDir% \ ie64.tmz% WinDir% \ win07 . exe% WinDir% \ win07.tmz% WinDir% \ drives32.exe% WinDir% \ drives32.tmz% WinDir% \ iex.exe% WinDir% \ iex.tmz% WinDir% \ msz.exe% WinDir% \ msz. jpg% WinDir% \ lib.jpg
The Trojan then terminates.
Removal
If your computer was not protected by Antivirus and is infected with this malware, then delete the following steps:
Delete the original Trojan file (the location of the victim will depend on how the program originally penetrated the victim machine).
