• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 913
  • Last Modified:

Need Instructions for Deleting Troj Agent Variants

Hi Everyone:

        Tonight, I went online at trendmicro.com and checked for viruses/trojans even though my latest McAfee did not find any infections.  When scanning from trendmicro.com, 5 different trojans appeared, (1) Troj Agent.AE, (1)Troj Agent.BF, and (3) Troj Agent.BN.  Unfortunately, the entire pc locked up and had to be restarted following this.  At this point, I am needing any suggestions which come to mind for deleting the trojan files.  

       I look forward to hearing from everyone regarding this post.

       Thank you

       George
0
GMartin
Asked:
GMartin
  • 2
  • 2
  • 2
  • +4
6 Solutions
 
shahrialCommented:
Download Lavasoft Ad-Aware SE Personal Edition below:
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

Run the update and scan your system and see if it can safely remove the trojans...;-)


0
 
Cyber-DudeCommented:
Heres a link for a banch of software may able to assist you. My reccomendation is vary; If it is a spyware or an addware than you may use any Spybot or Ad-Aware software. If it is truely a Trojan, I would suggest you try using Bazooka software. Etherware all of them are 'Freeware':
http://www.webattack.com/freeware/security/fwantispy.html

PS
A great software but NOT free is 'Spy Sweeper':
http://www.snapfiles.com/get/spysweeper.html

Hope this is a helpful post

;)

Cyber
0
 
woodendudeCommented:
http://vil.nai.com/vil/stinger/     download and install Stinger, reboot into safemode  and run this application.
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
sunray_2003Commented:
Are you able to login to safe mode and then scan using trendmicro ?
Does it say the location of those file...

If it says, go to those locations and remove them ..  Make sure those exe files are not running in task manager .If they are running , you got to kill those exe files before removing them..

Some of the experts here have helped in compiling all the important spyware tools and they are listed in this thread
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html

My recommendation would be to start with Spybot ,Ad-ware ,CWshredder.After installing them, First Update them and then run

Once running all the above tools and others given in that thread, download and run Hijackthis.
Download Hijacthis from here http://www.softpedia.com/public/cat/10/17/10-17-69.shtml.
Get the log from Hijackthis and save the log and paste it here http://hijackthis.de/index.php?langselect=english to analyze it. The analyser site is used so that you donot gum up the thread with the entire log.

Remove the bad ones that the site reports. If it says unknown process, then use a search engine to check if those are bad ones. If bad remove them , if you still cannot find then post those files alone here.
0
 
rossfingalCommented:
Hi!

Download a2 Anti-Trojan (free version) from:
http://www.gatesofdelirium.com/ee/tools/
Update it
Run it, and take note of any infected files or folders.
Then, reboot into "safe" mode and run it again.
It has an option to destroy files, which I've had some success with.

Here's links to some info on Tro Agent.AE -
http://www.sophos.com/virusinfo/analyses/trojdloadery.html
http://www.sophos.com/virusinfo/analyses/trojbizexf.html

Let us know.

Good luck!

RF
0
 
chicagoanCommented:
regarding "any Spybot or Ad-Aware software" , I think that's a sweeping generalization. Some free software actually componds the problem by installing it's own adware and spyware agents. The reason anti-virus software doesn't pick up these apps is that the user is conned into installing something when visiting a page. Terms like "macromedia compatible toolbar" and "media player' are used to lull the unsuspecting surfer into clicking the YES button.

I've used SPYBOT S&D with good success, though if the machine operator is prone to poor decisions, a commercial product that constantly monitors things may be in order (i.e. Pest Patrol).

http://www.pchell.com/support/spyware.shtml 
0
 
GMartinAuthor Commented:
Hi Everyone:

       Before I begin, I want to thank each expert for their input.  I found each response rich in content and germane to this post which certainly made it difficult when it came time to award points.  In any case, I want each person to acknowledge how much I value the quality of responses by my attempt to distribute points to each person.  

       Now, to the problem which is now resolved.  It started out with the detection of Trojans by trendmicro.com with the pc locking up during the scan.  Secondly, the problem asl manifested itself by the browswer's home page changing to about:search with the inability to change it within the Properties section of Internet Options. And, finally, there was a noticeable slow down of all internet activity with respect to the loading of pages and downloads.  

       With respect to the utilities ran, I found a wide array of differences with respect to outcome of scanning.  For instance, one utility called Trojan Remover, did not detect anything.  However, when I ran Adaware SE Personal Edition, CWShredder, and the a2 program which detected the malware, several problems were found.  While I was unsure of every entry found as being corrupted by the utilities, I simply went ahead and deleted all of them.  Now, my pc is running much smoother with regards to internet functionality.  

        Thanks again everyone for your help.

        George
0
 
sunray_2003Commented:
Thanks George for your timely closing of question and Happy that you got ur issue solved..

SR
0
 
rossfingalCommented:
Hi!

Me too!

And thanks!
(Stop back, if other problems!)
Regards...
"Clown Boy"  :)
0
 
woodendudeCommented:
Thank you George, keep Stinger handy you will find it useful.
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 2
  • 2
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now