I have previous posted about the Windows threat ‘Trojan.downloader.uj’ and that I have build a removal help tool for it.
I think it would be best for all if I post here some removal steps for this special threat which is really tricky, since it is a trojan but uses userland rootkit techniques.
Here are the steps:
Or you can try Grisoft AVG Anti-Rootkit Beta 1.0.0.13, but be careful it is a beta!
Thats’s all the threat should be removed now.
Aliases for this threat are:
| Antivirus | Alias |
| AntiVir | TR/Dldr.Agent.uj.1 |
| Authentium | W32/Downloader.LTB |
| Avast | Win32:Agent-IU |
| AVG | Downloader.Agent.BAH |
| BitDefender | Trojan.Downloader.FFZ |
| CAT-QuickHeal | TrojanDownloader.Agent.uj |
| ClamAV | Trojan.Downloader.Agent-262 |
| DrWeb | Trojan.DownLoader.4316 |
| eTrust-InoculateIT | Win32/SillyDL.51200!Trojan |
| eTrust-Vet | Win32/Alureon.Y |
| Ewido | Downloader.Agent.uj |
| Fortinet | RuinDl.G!tr |
| F-Prot | security risk named W32/Downloader.LTB |
| F-Prot4 | W32/Downloader.LTB |
| Ikarus | Trojan-Downloader.Win32.Agent.uj |
| Kaspersky | Trojan-Downloader.Win32.Agent.uj |
| McAfee | Downloader-ASI |
| Microsoft | TrojanDownloader:Win32/Agent.RR |
| NOD32v2 | a variant of Win32/Small.FB |
| Norman | W32/DLoader.NNL |
| Panda | Trj/Ruins.MB |
| Sophos | Troj/RuinDl-G |
| Symantec | Downloader |
| TheHacker | Trojan/Downloader.Agent.uj |
| UNA | TrojanDownloader.Win32.Agent.68D6 |
| VBA32 | Trojan.DownLoader.4316 |
I hope this is helpful.
Regards,
Vinzenz Feenstra
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Mar | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 | ||||