Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojanhorse DownLoader Agent8PNF


  • Please log in to reply
No replies to this topic

#1 ytseschew

ytseschew

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 07 December 2008 - 03:05 AM

My friend who I am helping got the following pop up after browsing the web (mostly webmail at Verizon). He thought it was a message from his AVG virus scanner which it may be but I found no info about this trojan so it concerned me. In any case, he ran AVG scanner afterward and found nothing other than a few cookies. Should he be concerned and do a more in depth analysis? He is running Windows XP Home SP3.

He wrote down the pop up info as follows (I didn't get to see it):

"RESIDENT SHIELD alert!
Accessed file is infected:
Threat Detected

filename: c:\System Volume
Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP712\A0109985.dll
Threat name: Trojanhorse DownLoader Agent8PNF
Detected on open
Details: Process Name c:\Windows\System32\svchost.exe

More information on this threat
[Box] Remove threat as Power User
[Box] HEAL [Box] MOVE TO VAULT [Box] IGNORE"

He clicked on 'Remove' but he said it "didn't seem to do anything." To me it looks like a system restore file may be infected. Thanks for any advice and let me know if you need more information.

Edited by Orange Blossom, 07 December 2008 - 09:03 AM.
Moved from XP forum to Am I Infected. ~ OB


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users