trojan.agent.f / ewido/grisoft-anti-malware ?

trojan.agent.f / ewido/grisoft-anti-malware ?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Antivirus Discussions    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
trojan.agent.f / ewido/grisoft-anti-malware ? RJK 12-19-2006
Posted by RJK on December 19, 2006, 5:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
hello, I know ....I know ....

....different software houses label'em with different names !

ANYWAY, ...I left Grisoft anti-malware ...or is it anti-spyware / that used
to be Ewido, ( I seem to have upgraded it for the remainder of my 12months
license, and it's no longer called Ewido ), do a complete system sweep (2
hd's / 9 drives )

...and it claims to have found "trojan.agent.f" in WinIo.dll on my drive
I:_PROGS\utilities\hotcputesterpro342

...false positive ? ...am about to submit it to Virus Total ? ..anything
known ?

regards, Richard


Posted by David H. Lipman on December 19, 2006, 5:20 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| hello, I know ....I know ....
|
| ....different software houses label'em with different names !
|
| ANYWAY, ...I left Grisoft anti-malware ...or is it anti-spyware / that used
| to be Ewido, ( I seem to have upgraded it for the remainder of my 12months
| license, and it's no longer called Ewido ), do a complete system sweep (2
| hd's / 9 drives )
|
| ...and it claims to have found "trojan.agent.f" in WinIo.dll on my drive
| I:_PROGS\utilities\hotcputesterpro342
|
| ...false positive ? ...am about to submit it to Virus Total ? ..anything
| known ?
|
| regards, Richard

Richard, Please post that Virus Total report.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by RJK on December 20, 2006, 6:26 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hello David

No response to the zip file I attached to an email and sent to Virustotal
but, I just discovered the "send" facility on the Virustotal site homepage !
...so I 'sent' the WinIo.dll file via that, and watched the multitude of
malware scanners there give it a clean bill of health - except Ewido 4.0
which claimed it contained trojan.agent.f

Mine is a very old copy of "Hot CPU Tester," and haven't used it for ages.
i.e. I used it quite a long time ago testing a cpu for fpu errors.
If you'd like that WinIo.dll file, or the *.zip file containing the program,
I could email it to you or, (suspecting it's a false positive), I'm
otherwise I'm happy to delete the program.

regards, Richard


>
> | hello, I know ....I know ....
> |
> | ....different software houses label'em with different names !
> |
> | ANYWAY, ...I left Grisoft anti-malware ...or is it anti-spyware / that
> used
> | to be Ewido, ( I seem to have upgraded it for the remainder of my
> 12months
> | license, and it's no longer called Ewido ), do a complete system sweep
> (2
> | hd's / 9 drives )
> |
> | ...and it claims to have found "trojan.agent.f" in WinIo.dll on my
> drive
> | I:_PROGS\utilities\hotcputesterpro342
> |
> | ...false positive ? ...am about to submit it to Virus Total ?
> ..anything
> | known ?
> |
> | regards, Richard
>
> Richard, Please post that Virus Total report.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>


Posted by David H. Lipman on December 20, 2006, 6:34 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

| Hello David
|
| No response to the zip file I attached to an email and sent to Virustotal
| but, I just discovered the "send" facility on the Virustotal site homepage !
| ...so I 'sent' the WinIo.dll file via that, and watched the multitude of
| malware scanners there give it a clean bill of health - except Ewido 4.0
| which claimed it contained trojan.agent.f
|
| Mine is a very old copy of "Hot CPU Tester," and haven't used it for ages.
| i.e. I used it quite a long time ago testing a cpu for fpu errors.
| If you'd like that WinIo.dll file, or the *.zip file containing the program,
| I could email it to you or, (suspecting it's a false positive), I'm
| otherwise I'm happy to delete the program.
|
| regards, Richard
|

Yaeh there was a problem on Virus Total last night. There was high utilization
on the web
site anmd even with my prioroty email scanning I never received responses for
files I sent.

I suggest re-sending.

You are always welcome to email suspects to me.
Just password protect the ZIP file with the password being; infected
{ password = infected }

Remove ~nospam~ from; DLipman~nospam~@Verizon.Net to email it to me.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Posted by William on December 27, 2006, 1:16 am
If you were  Registered and logged in, you could reply and use other advanced thread options
On 12/20/2006 3:26 PM, something possessed RJK to write:
> Hello David
>
> No response to the zip file I attached to an email and sent to
> Virustotal but, I just discovered the "send" facility on the Virustotal
> site homepage ! ...so I 'sent' the WinIo.dll file via that, and watched
> the multitude of malware scanners there give it a clean bill of health -
> except Ewido 4.0 which claimed it contained trojan.agent.f
>
> Mine is a very old copy of "Hot CPU Tester," and haven't used it for
> ages. i.e. I used it quite a long time ago testing a cpu for fpu errors.
> If you'd like that WinIo.dll file, or the *.zip file containing the
> program, I could email it to you or, (suspecting it's a false positive),
> I'm otherwise I'm happy to delete the program.
>
> regards, Richard
>
>
>>
>> | hello, I know ....I know ....
>> |
>> | ....different software houses label'em with different names !
>> |
>> | ANYWAY, ...I left Grisoft anti-malware ...or is it anti-spyware /
>> that used
>> | to be Ewido, ( I seem to have upgraded it for the remainder of my
>> 12months
>> | license, and it's no longer called Ewido ), do a complete system
>> sweep (2
>> | hd's / 9 drives )
>> |
>> | ...and it claims to have found "trojan.agent.f" in WinIo.dll on my
>> drive
>> | I:_PROGS\utilities\hotcputesterpro342
>> |
>> | ...false positive ? ...am about to submit it to Virus Total ?
>> ..anything
>> | known ?
>> |
>> | regards, Richard
>>
>> Richard, Please post that Virus Total report.
>>
>> --
>> Dave
>> http://www.claymania.com/removal-trojan-adware.html
>> http://www.ik-cs.com/got-a-virus.htm
>>
>>
>
According to http://www.winsite.com/bin/Info?500000002771, this file is
supposed to enable Visual Basic to do 8- and 16-bit input and output
hardware. Personally, if it were me, and I suspected it, I'd try
renaming the file to something like WinIO.suspect so that it can't be
called the OS (or if you suspect it might get called with the same name,
than completely change the name). If it turns out later that you need
it, than you can just rename it again and be on your way. Good luck.

Similar ThreadsPosted
Trojan Dropper Agent 8 B Help August 9, 2005, 9:21 pm
Re: Trojan Dropper Agent 8 B Help August 9, 2005, 10:44 pm
Re: Trojan Dropper Agent 8 B Help August 10, 2005, 12:39 pm
trojan.win32.agent.xud August 11, 2008, 4:18 pm
Trojan Horse Downloader.Agent.ETP August 9, 2006, 11:16 am
Where does Trojan-downloader.win32.Agent.bkd start up? June 17, 2007, 9:33 pm
JS Downloader Agent (Virus) and Trojan Horses January 27, 2008, 2:24 pm
Win32.Trojan.Spy.Agent.kb detected by ZoneAlarm Internet Security May 23, 2008, 3:13 pm
Win32:Agent-QC in pagefile.sys April 17, 2007, 1:12 am
Preventing rootkit.agent December 18, 2008, 2:58 pm

The site map in XML format XML site map

Contact Us | Privacy Policy