Another hotoffers hijacking problem..

Reply
« First 2 3

Join Date: Mar 2005
Posts: 20
Reputation: mastermirage is an unknown quantity at this point 
Solved Threads: 0
mastermirage mastermirage is offline Offline
Newbie Poster

Re: Another hotoffers hijacking problem..

 
0
  #21
Mar 15th, 2005
I scanned it twice..


Service load: 0% 100%

File: scheduler.exe
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
Packers detected: PE-CRYPT.$D, UPX

AntiVir Worm/Agobot.320592 (0.39 seconds taken)
Avast Win32:Trojan-gen. {Other} (1.52 seconds taken)
AVG Antivirus Worm/Agobot.29.AG (0.56 seconds taken)
BitDefender Backdoor.Agobot.C (1.62 seconds taken)
ClamAV No viruses found (1.33 seconds taken)
Dr.Web Win32.HLLW.Agobot (2.42 seconds taken)
F-Prot Antivirus W32/Agobot.AXV (0.09 seconds taken)
Fortinet W32/Agobot.LQ-net (0.44 seconds taken)
Kaspersky Anti-Virus Backdoor.Win32.Agobot.gen (1.14 seconds taken)
mks_vir Worm.Gaobot.We (0.22 seconds taken)
NOD32 Win32/Agobot.NNR (0.48 seconds taken)
Norman Virus Control W32/Gaobot.BMV (0.18 seconds taken)

Statistics
Last piece of malware found was W32/Gaobot.BMV in scheduler.exe, detected by:

Scanner Malware name Time taken
AntiVir Worm/Agobot.320592 0.39 seconds
Avast Win32:Trojan-gen. {Other} 1.50 seconds
AVG Antivirus Worm/Agobot.29.AG 1.52 seconds
BitDefender Backdoor.Agobot.C 1.54 seconds
ClamAV X 1.87 seconds
Dr.Web Win32.HLLW.Agobot 2.49 seconds
F-Prot Antivirus W32/Agobot.AXV 0.09 seconds
Fortinet W32/Agobot.LQ-net 0.45 seconds
Kaspersky Anti-Virus Backdoor.Win32.Agobot.gen 1.13 seconds
mks_vir Worm.Gaobot.We 0.22 seconds
NOD32 Win32/Agobot.NNR 0.47 seconds
Norman Virus Control W32/Gaobot.BMV 0.18 seconds
Reply With Quote Quick reply to this message  
Join Date: Feb 2004
Posts: 10,126
Reputation: crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold 
Solved Threads: 770
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: Another hotoffers hijacking problem..

 
0
  #22
Mar 15th, 2005
OK. Use the killbox to nuke C:\WINNT\system32\scheduler.exe then remove all mention of it from hijackthis, reboot and post another log please.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Reply With Quote Quick reply to this message  
Reply
« First 2 3

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Other Threads in the Viruses, Spyware and other Nasties Forum


Views: 4258 | Replies: 21
Thread Tools Search this Thread



Tag cloud for Viruses, Spyware and other Nasties
acrobat adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china combofix commercial conficker control cybercrime cyberwarfare ddos education email europe exam exploit explorer facebook fake fancheckvirus firefox gtaiv halloween herss.exe hijack hosting ie8 internet iphone links logfiles malware mcafee microsoft mobile msn nazi news norton obama onlinethreats paedophile panel parents patch pc pdf policeprovirusmba-mblockedinternetaccess president privacy pro redirect redirecting report research rogueantivirus rootkit samhain sans scareware search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans symantec system teen threat translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista vulnerability war warning windows worm yahoo zero-day zeroday
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC