Trojan.AVKiller.Agent.C
Results 1 to 6 of 6

Thread: Trojan.AVKiller.Agent.C

  1. #1
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188

    Trojan.AVKiller.Agent.C

    I have been hearing about this on IRC. Sounds pretty mean. Crashes browsers when visiting AV sites, prevents downloads/updates, Adaware and Spybot do not detect it. Most AVs Crash. All of this is hear-say... anyone else heard of this?

    edit:

    upon further research, it appears that this may have been around for awhile. But apparently, there are still variants in the wild...
    Last edited by westin; February 13th, 2009 at 05:28 AM.
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  2. #2
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Location
    Atlanta
    Posts
    1,024
    Off topic...which IRC channel do you frequent?

    And no, I have not yet encountered this particular gem, but the latest "strain" if you will has been pretty robust. I would not be surprised.

  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    Yes, I have but not for a long while.............it is a year old

    http://vgrep.viruspool.net/virus.cms?&id=3077566

    I thought the scumbags had given up on that sort of crap as it is pretty obvious that you have an infection and would be inclined to DBAN the drive and reinstall.

    Combofix is the tool I would use to try to get rid of it.

    http://www.myantispyware.com/2007/10...-spyware-tool/

    Read and follow the instructions very carefully

    With older versions you might find Hjthis101.dll in \Windows\System32\ and the Registry.

    I wonder if it would actually infect if you were running UAC?

    Obviously it is a pain in the a$$, but it is totally unsubtle. It's the ones you don't know you have that are the most dangerous
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Ive dealt with this and its variants. Its quite nasty and I have had to disinfect manually on customers machines.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Its quite nasty and I have had to disinfect manually on customers machines.
    But only because you aren't allowed to use other people's tools?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  6. #6
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Hey thanks for the replies. keezel I am not really on all that much, but I usually go to #infoleak on irc.2600.net .. that is where I found the person talking about this trojan. I hadn't seen it before, but after looking around a bit, I found a post talking about it almost a year ago, as nihil pointed out. I agree, it is not very subtle. I have mainly been hearing about the conficker/downadup bug lately. Pretty clever...
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides