Win32/Agent.ODG

Win32/Agent.ODG is a definition for malware with remote access capability. This particular version can allow a remote attacker to gain control of the infected computer through a backdoor. The Trojan frequently communicates with a remote server to download other malware that it can drop and execute on the victim's machine.

When executed, Win32/Agent.ODG modifies the Windows registry. It adds certain values in order to disable the warning messages that Windows displays each time an illegal activity occurs on the system. The Trojan carries out the same kind of actions to reduce the security settings of Internet Explorer as well as the operating system. As a result, the user may be prone to other virus attacks while Win32/Agent.ODG is present.

Like most Trojans, Win32/Agent.ODG creates a registry entry to run itself on Windows start-up. It may also inject harmful code into legitimate processes that typically run on the Windows operating system.
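To review the start-up persistence described above, the following PowerShell script lists autorun entries and flags those whose target is unsigned, missing, or stored in a user-writable directory. It is an added example, not part of the original article; the article does not name the registry key this Trojan uses, so the script assumes the standard Windows Run and RunOnce keys, and the helper name Get-CommandTarget is hypothetical.

```powershell
# Added example (not from the original article): audit autorun entries.
# Assumption: the standard Run/RunOnce keys; the article names no specific key.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Directories a standard user can write to; autoruns here deserve a closer look.
$userWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC, $env:ProgramData) |
    Where-Object { $_ }

# Hypothetical helper: pull the executable path out of a Run value's command line.
function Get-CommandTarget([string]$Command) {
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|scr|bat|cmd|dll))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        if ([string]::IsNullOrWhiteSpace($command)) { continue }
        $target = Get-CommandTarget $command
        $exists = Test-Path -LiteralPath $target -PathType Leaf
        $signature = if ($exists) {
            (Get-AuthenticodeSignature -LiteralPath $target).Status.ToString()
        } else { 'TargetNotFound' }
        $inWritableDir = $false
        foreach ($dir in $userWritable) {
            if ($target.StartsWith($dir, [StringComparison]::OrdinalIgnoreCase)) { $inWritableDir = $true }
        }
        [pscustomobject]@{
            Key = $key; Name = $name; Command = $command
            Signature = $signature; UserWritable = $inWritableDir
        }
    }
}

# Show only entries that are unsigned, unverifiable, or launched from a user-writable path.
$results | Where-Object { $_.Signature -ne 'Valid' -or $_.UserWritable } |
    Format-List
```

An entry that launches through a signed host program such as rundll32.exe is reported as `Valid` and filtered out, so review the full `$results` list and read the Command column when an autorun passes a DLL or script as an argument.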

Then, the Trojan tries to contact a command and control (C&C) server through an HTTP request using a configured port. During analysis, it was discovered that most of the C&C servers provide remote commands for this threat, giving an attacker full control of the compromised PC.

Characteristics:

Win32/Agent.ODG allows a remote attacker to control the infected computer. It was also made to gather sensitive data such as user names, passwords, and other vital software and hardware information. This Trojan is also capable of upgrading itself by contacting a remote server to download file updates.

Symptoms:

Backdoor Trojans are known for their capability to take control of an infected PC. Normally, this threat chews up more system resources than any other threat. Thus, the user may see a sudden reduction in system performance as well as a slow Internet connection.

How to Remove Win32/Agent.ODG

1. Download Malwarebytes' Anti-Malware from this link and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install with the default settings only.

4. Before the installation completes, make sure the following options are checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware

5. Click Finish. The program will run automatically and you will be prompted to update it before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished, click on the Show Results button.
8. Make sure that all detected threats are marked, then click on Remove Selected.
9. Restart your computer.

Note: Some malware may prevent mbam-setup.exe from downloading and running. You can download and rename this program on a different computer before running it on the infected system.

6 Comments

  1. vivek

    It didn't delete the threat. ESET still shows this threat.
    Tried with many other antivirus software; only ESET showed it, but it isn't deleting it.

  2. vu

    I tried the scan with Malwarebytes but it did not detect anything. I tried again with NOD32 and it still reports

    Operating memory – Win32/Agent.ODG virus – unable to clean

  3. vivek

    Same with me, bro. Anyone with any solution?

  4. Carl

    I've got this Win32/Agent.ODG virus on my computer and cannot get rid of it. Tried many things that have been suggested but they don't work. HELP!

  5. adr

    Ya, I also have it. NOD32 shows it in system operating memory, but even after a Malwarebytes scan it's still there.

  6. Pipo

    Use GMR or Dr Web-CureIt
    ;)
