I will do it for him tomorrow I am going to try and fix it for him I will post a log tomorrow, from what I can tell there is two versions of it one with a key loger and one without. and we have tried a few way to do it but he is limited on what he can do.
__________________
I am not here for long I am deploying soon so please don't expect anything long winded.
ProAgent 2.1.9 Special Edition (Trojan-Dropper.Win32.Agent.arr)
by ATmaCA Written in C++ Released in April 2006 Made in Turkey more versions Server:dropped files:c:\WINDOWS\system32\agnt_mps.exe Size: 77,618 bytes c:\WINDOWS\system32\agnt_msn.exe Size: 76,594 bytes c:\WINDOWS\system32\agnt_pnc.exe Size: 9,216 bytes c:\WINDOWS\system32\drivers\KeenSense.sys Size: 16 bytes c:\WINDOWS\system32\drivers\ksdevice.sys Size: 16 bytes added to registry:HKEY_CURRENT_USER\Software\Microsoft\Wind ows\CurrentVersion\Run "qservices"data: C:\WINDOWS\qservice.exe tested on Windows XPOctober 04, 2006MegaSecurity
Ok fixed the problem by remote he had to scan his system 3 times with 3 different AV programs and all but one missed it, Kasperskey AV got it deleted and deleted it although we had to do it twice to fix it. Norton and Mcafee missed it.
__________________
I am not here for long I am deploying soon so please don't expect anything long winded.
[for a friednd] How bad is agnt_pnc.exe 
Linear Mode
