RSS

Trojan in Action -VS2005

27 Jan

I’m working with VS 2005 for my university project.During last week I got an unexpected exception ,
It was a divide by zero exception.The funniest thing is I haven’t use any arithmetic operations in my code.Due to this error ,I was unable to load the GUI properly.

Stupid error messages

WINDOWS\system32\msvcrt.dll’, No symbols loaded.
\WINDOWS\system32\MSCTF.dll’, No symbols loaded.
\WINDOWS\system32\advapi32.dll’, No symbols loaded.
\WINDOWS\system32\rpcrt4.dll’, No symbols loaded.
\WINDOWS\system32\amvo0.dll’, Binary was not built with debug information.

First-chance exception at 0x10016d66 in te.exe: 0xC0000005: Access violation writing location 0x00000000.
First-chance exception at 0x10015bb9 in te.exe: 0xC0000094: Integer division by zero.
First-chance exception at 0x8caf1379 in te.exe: 0xC0000005: Access violation reading location 0x8caf1379.
First-chance exception at 0x10015d12 in te.exe: 0xC0000005: Access violation writing location 0x00000000.
‘te.exe’: Unloaded ‘H:\WINDOWS\system32\amvo0.dll’
‘te.exe’: Loaded ‘H:\WINDOWS\system32\amvo0.dll’, Binary was not built with debug information.
First-chance exception at 0x10016d66 in te.exe: 0xC0000005: Access violation writing location 0x00000000.
First-chance exception at 0x10015bb9 in te.exe: 0xC0000094: Integer division by zero.
The program ‘[4944] te.exe: Native’ has exited with code 0 (0x0).

amvo0.dll is the file that cause the exception.It is a Trojan program which links with the VS2005 libraries.
I formated my hard drive and reinstalled the VS2005 .But it didn’t solve my problem :(.
I found a online virus scanning program from
http://fileinfo.prevx.com/adware/qqcfe5104592595-AMVO44036059/AMVO0.DLL.html
It detected the Trojan programs,Apart from the amvo0.dll there were some other executable files also reside in my hard drives.
So I had to do a full system scan of my hard drives in order to remove AMV0 Trojan series

Advertisements
 
Leave a comment

Posted by on January 27, 2008 in technology

 

Tags: , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: