infected by Trojan-Downloader

Discussion in 'other anti-virus software' started by karencoo, Jun 20, 2007.

Thread Status:
Not open for further replies.
  1. karencoo

    karencoo Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    2
    Kaspersky Internet Security 6.0 detects as Trojan-Downloader.Win32.Agent.bjc

    nothing from NOD o_O

    ~Snip~/soft/temp/500_0_0/NewMediaCodecInstaller.exe
     
    Last edited by a moderator: Jun 20, 2007
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Hello Karencoo,

    Please submit any samples not detected to the various antivirus vendors. Don't post any links to possible malware here.

    Virus submissions.
     
  3. karencoo

    karencoo Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    2
    well...
    i've submitted files and urls to a number of AV companies, but NOD32 still allows this links to install spyware on pc.


    ~Links removed. Submit info to Eset.~


    please help stop this. :'(
     
    Last edited by a moderator: Jun 29, 2007
  4. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Hello karencoo :) Please folow the instructions in the following link and adjust your NOD32 settings accordingly :)

    https://www.wilderssecurity.com/showthread.php?t=37509

    Also do you have Anti-Spyware installed? AVG Anti-Spyware is a good choice, or Webroot Spy Sweeper, which is the Strongest Anti-Spyware prevention on the market at the Moment :)

    The Additional settings for NOD32 should help detect and remove the Backdoor Trojan, as should the Anti-Spyware ;)
     
  5. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    Another question. How sure are you that this really is malware?
     
  6. ASpace

    ASpace Guest

    If you are infected by something undetected and if you are ESET client , then contact ESET Technical support

    Add as much information as possible and a link to this thread
     
  7. tamdam

    tamdam Registered Member

    Joined:
    Feb 8, 2007
    Posts:
    88
    the particular malware the OP posted happens to be present at castlecop's malware links forum. Its definitely malware, and not very well detected at all - infact the website hosting it has probably 50 different variations, presumably with a few bytes changed here and there but otherwise they are identical in size. The slightly older ones (june 25 or older) are detected by around 1/4 at virustotal, the newer versions by maybe 1-3 virustotal scanners.
     
  8. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    this is certainly a malware for which some vendors have slow reaction time... even too slow. It's a Zlob\DNSChanger trojan. As tamdam said it is modified daily so as it may avoid detection. :)
     
Loading...
Thread Status:
Not open for further replies.