
Trojan:Win32/AgentBypass.gen!G


First posted on 11 June 2009.
Source: SecurityHome

Aliases:

Trojan:Win32/AgentBypass.gen!G is also known as Trojan-PSW.Win32.Gamer.h (Kaspersky), Trojan-PWStealer (Sunbelt Software), Infostealer.Gampass (Symantec), and TSPY_GAMER.AB (Trend Micro).

Explanation:

Trojan:Win32/AgentBypass.gen!G is a generic detection for Trojans that attempt to inject possibly malicious code into the explorer.exe process.

Symptoms
There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptom(s).

Explorer.exe is the default Windows shell, and software-based firewalls usually exempt it or place it on their trusted list, so its inbound and outbound network traffic is allowed. The function of the injected code may vary, but most samples are designed to load into the explorer.exe process a DLL file that bypasses the firewall. The code may also serve as a rootkit that interferes with the normal operation of explorer.exe, for example by hiding files and folders from the user.
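One way a defender could look for the behaviour described above, as an added example that is not part of the original analysis: it scans Sysmon-style events (Event ID 8, CreateRemoteThread; Event ID 7, ImageLoad) for threads started in explorer.exe by untrusted binaries and for unsigned or out-of-place DLLs loaded by explorer.exe. The event records, the paths and the trusted-directory list are constructed assumptions.

```python
import ntpath

# Constructed Sysmon-style records (not from the original page); all paths are made up.
# Event ID 8 = CreateRemoteThread, Event ID 7 = ImageLoad.
SAMPLE_EVENTS = [
    {"EventID": 8, "SourceImage": r"C:\Users\alice\AppData\Local\Temp\setup_a1.exe",
     "TargetImage": r"C:\Windows\explorer.exe"},
    {"EventID": 7, "Image": r"C:\Windows\explorer.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\helper_a1.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"EventID": 7, "Image": r"C:\Windows\explorer.exe",
     "ImageLoaded": r"C:\Windows\System32\shell32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"EventID": 8, "SourceImage": r"C:\Windows\System32\csrss.exe",
     "TargetImage": r"C:\Windows\explorer.exe"},
    {"EventID": 7, "Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Temp\x.dll", "Signed": "false", "SignatureStatus": "Unavailable"},
]

EXPLORER = r"c:\windows\explorer.exe"  # assumption: default install path
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64",
                r"c:\program files", r"c:\program files (x86)")  # assumption: tune per site

def norm(path):
    return ntpath.normpath(path or "").lower()

def in_trusted_dir(path):
    return any(norm(path).startswith(d + "\\") for d in TRUSTED_DIRS)

def find_explorer_injection(events):
    """Return (kind, path) findings for suspicious activity aimed at explorer.exe."""
    findings = []
    for ev in events:
        if ev.get("EventID") == 8 and norm(ev.get("TargetImage")) == EXPLORER:
            # A remote thread started in explorer.exe by a binary outside trusted dirs.
            if not in_trusted_dir(ev.get("SourceImage")):
                findings.append(("remote_thread", ev.get("SourceImage")))
        elif ev.get("EventID") == 7 and norm(ev.get("Image")) == EXPLORER:
            # A DLL mapped into explorer.exe that is unsigned or outside trusted dirs.
            signed = ev.get("Signed") == "true" and ev.get("SignatureStatus") == "Valid"
            if not signed or not in_trusted_dir(ev.get("ImageLoaded")):
                findings.append(("dll_load", ev.get("ImageLoaded")))
    return findings

if __name__ == "__main__":
    for kind, path in find_explorer_injection(SAMPLE_EVENTS):
        print(f"{kind}: {path}")
```

Signed third-party shell extensions installed outside the listed directories will also be reported, so the directory list needs tuning before the findings are used for alerting.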

Analysis by Jireh Sanico

Last update 11 June 2009

 
