About Trojan Progent

Progent is Trojan Horse that attempts to steal sensitive information and send it to the creator of the Trojan.

1. Copies itself as %System%\dtxservice.exe.
   
   
2. Adds the value:
   
   "DirectX For Microsoft Windows" = "%System%\dtxservice.exe -atm"
   
   to the registry keys:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\policies\Explorer\Run
   
   
3. Drops following files:
   
   • %Windows%\Crss.exe: Detected as Trojan Horse
   • %Winodws%\mfps.exe: Detected as PWSteal.Trojan
   • %Windows%\kdd32.atm: Detected as PWSteal.Trojan
   • %Windows%\iss32.exe: Detected as PWSteal.Trojan
   • %Windows%\mps.exe: Detected as PWSteal.Trojan
     
     
4. Creates the registry key: ktdll32
   
   under the registry key:
   
   HKEY_LOCAL_MACHINE\SOFTWARE\
   
   
5. Creates the registry key: Dxdriver
   
   under the registry key:
   
   HKey_Current_User\SOFTWARE\Microsoft
   
   
6. Steals passwords and account information from the following programs:
   
   • ICQ
   • Yahoo! Messenger
   • Trillian
   • MSN Messenger
   • Outlook Express
   • Outlook
   • Eudora
   • IncrediMail
   • FTP
   • RAS
   • InternetExplorer Autocomplete
     
     
7. Also performs the following actions:
   
   • Steals URL history
   • Steals AddressBook
   • Steals System Information
   • Logs Processes log
   • Logs Key strokes
     
     
8. Sends the above information to the creator of the Trojan.

Also known as: Trojan.Spy.ProAgent.121

Trojan Progent Removal

Automatic Removal:

Using BPS Adware & Spyware Remover to detect and remove Trojan.Progent AUTOMATICALLY!

Manual Removal:

Not Available.

Detection and Removal Instructions for Trojans