Jump to content

Trojan.Agent

Kelly in Tx

By Kelly in Tx
in File Detections

 Share

Recommended Posts

Kelly in Tx

Kelly in Tx

Posted
Posted

This is from Virus Total. I did a browse, then put this in on all files...C:\WINDOWS\system32\sksdrvr2.sys

There was a file under that that said Readme.txt So if this is really it, then none of the av found it to be an infection. Of course they may all be wrong, and your checker was correct.

File Readme.txt received on 12.12.2008 22:58:02 (CET)

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 0/38 (0%)

Loading server information...

Your file is queued in position: 1.

Estimated start time is between 38 and 55 seconds.

Do not close the window until scan is complete.

The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.

If you are waiting for more than five minutes you have to resend your file.

Your file is being scanned by VirusTotal in this moment,

results will be shown as they're generated.

Compact Compact

Print results Print results

Your file has expired or does not exists.

Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.

Email:

Antivirus Version Last Update Result

AhnLab-V3 2008.12.12.2 2008.12.12 -

AntiVir 7.9.0.45 2008.12.12 -

Authentium 5.1.0.4 2008.12.12 -

Avast 4.8.1281.0 2008.12.12 -

AVG 8.0.0.199 2008.12.12 -

BitDefender 7.2 2008.12.12 -

CAT-QuickHeal 10.00 2008.12.12 -

ClamAV 0.94.1 2008.12.12 -

Comodo 741 2008.12.12 -

DrWeb 4.44.0.09170 2008.12.12 -

eSafe 7.0.17.0 2008.12.11 -

eTrust-Vet 31.6.6258 2008.12.12 -

Ewido 4.0 2008.12.12 -

F-Prot 4.4.4.56 2008.12.12 -

F-Secure 8.0.14332.0 2008.12.12 -

Fortinet 3.117.0.0 2008.12.12 -

GData 19 2008.12.12 -

Ikarus T3.1.1.45.0 2008.12.12 -

K7AntiVirus 7.10.552 2008.12.12 -

Kaspersky 7.0.0.125 2008.12.12 -

McAfee 5461 2008.12.11 -

McAfee+Artemis 5461 2008.12.11 -

Microsoft 1.4205 2008.12.12 -

NOD32 3688 2008.12.12 -

Norman 5.80.02 2008.12.12 -

Panda 9.0.0.4 2008.12.12 -

PCTools 4.4.2.0 2008.12.12 -

Prevx1 V2 2008.12.12 -

Rising 21.07.42.00 2008.12.12 -

SecureWeb-Gateway 6.7.6 2008.12.12 -

Sophos 4.36.0 2008.12.12 -

Sunbelt 3.2.1801.2 2008.12.11 -

Symantec 10 2008.12.12 -

TheHacker 6.3.1.2.186 2008.12.12 -

TrendMicro 8.700.0.1004 2008.12.12 -

VBA32 3.12.8.10 2008.12.12 -

ViRobot 2008.12.12.1515 2008.12.12 -

VirusBuster 4.5.11.0 2008.12.12 -

Additional information

File size: 374 bytes

MD5...: 05dbf0935e58307b5036ff276828b086

SHA1..: 68dc8a130e89ec1e37a655afd592bf92a4355274

SHA256: 5663068450a4775e11b151070c7614a550a33fb65db99f53bfb99754249190c5

SHA512: 3f2bf2a3d22fb9f703155f4c533f01f08f4e1dd492616de9f6859627cb585a98

9888c7961d6743eb24d5bd33162973e5e0ccfcca6682fd4b4c74a06722c66d55

ssdeep: 6:hDyyFSShllzLVmyFjsVIBrAyEcEyl8HhKAycWD4IwBGwxxO4q5JmJnml:huyhh

bLYyimSyJxYcAyn4G1H+nml

PEiD..: -

TrID..: File type identification

Unknown!

PEInfo: -

ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

Malwarebytes' Anti-Malware 1.31

Database version: 1483

Windows 5.1.2600 Service Pack 3

12/12/2008 4:08:18 PM

mbam-log-2008-12-12 (16-08-11).txt

Scan type: Quick Scan

Objects scanned: 63712

Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\sksdrvr2.sys (Trojan.Agent) -> No action taken. [3857535134305383807566791534727079851301362761564247374856526184908485707820196

1847684698387831915849084]

Readme.txt

Readme.txt

Link to post
Share on other sites
nosirrah

nosirrah

Posted
Posted

http://64.233.169.132/search?q=cache:LGv4D...lient=firefox-a

Not looking so good , this is the only hit for this on google .

I am also not sure why you submitted a text file to virus total , text is not executable .

We have had problems in the past conflicting with an application that creates folders by the same name as malware files to prevent their installation , this seems to be the case here looking at the text in that file .

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.